The FutureDial Blog (8.10.2023)
TAKEAWAY: Crucial factors are reshaping data erasure practices in mobile device refurbishing and resale. Research highlights the persistent threat of data remnants after performing a basic factory reset, underscoring the accessibility of sensitive personal data in second-hand devices. Secure data erasure's role is pivotal, curbing financial losses due to data breaches, while challenges of fragmented storage call for specialized and automated erasure techniques. Accordingly, with over 28 data sanitization standards widely used in the industry, automated data erasure strategies are being relied upon to safeguard privacy and foster trust in the mobile device refurbishment sector.
Refurbished Phones, Secured Data
As the mobile device market continues to grow, the demand for refurbished smartphones and tablets is also on the rise. Refurbished devices offer consumers a cost-effective alternative while promoting sustainability by extending the lifespan of electronic devices. However, refurbishing these traded-in mobile devices involves more than just a factory reset.
As most mobile phones being traded-in contain considerable amounts of personal and sensitive data, secure data erasure is a critical aspect of the refurbishment process, ensuring that all sensitive information and content is thoroughly removed to protect the privacy and security of both the previous owner and the new user.
In this article, we will look into the complexities of secure data erasure in mobile device refurbishment, exploring the techniques, challenges, and industry best practices.
Research Shines a Spotlight on Critical Need for Secure Erasure in Preowned Phones
Secure data erasure constitutes a critical element of preowned mobile device triage and refurbishment, serving as a safeguard for the privacy and security of both the previous owner and the new user. Simple factory resets fall short, motivating the application of advanced techniques to ensure robust data sanitization:
- Data Residuals Threat: Studies have shown that a factory reset alone doesn't guarantee data removal, as residual data can remain accessible. A study by the University of Cambridge found that even after a factory reset, sensitive data fragments were recoverable from a significant portion of second-hand devices. (Source: University of Cambridge, "Privacy Implications of Secondhand Smartphones: A Comprehensive Study")
- Cryptographic Erasure Efficacy: Cryptographic erasure involves rendering data unreadable through encryption. This method has been proven effective in preventing data recovery. A report by the National Institute of Standards and Technology (NIST) indicated that properly implemented encryption renders data practically impossible to retrieve, bolstering its role in secure data erasure. (Source: National Institute of Standards and Technology, "Guidelines for Media Sanitization: Recommendations of the National Institute of Standards and Technology," Special Publication 800-88)
- Challenges in Fragmented Storage: As mobile devices utilize non-uniform storage structures, erasing data across fragmented storage can be intricate. A study by the University of California, San Diego, revealed that fragmented storage systems can lead to residual data being overlooked during data erasure, necessitating specialized techniques. (Source: University of California, San Diego, "File System Fuzzing: Finding Vulnerabilities in File Systems")
- Chain of Custody Significance: A secure chain of custody ensures that devices are handled in a controlled manner to prevent data breaches. The National Association for Information Destruction (NAID) reported that maintaining a documented chain of custody helps in tracking the handling of devices and contributes to the audit trail for certifying regulatory compliance. (Source: National Association for Information Destruction, "NAID Information Destruction Policy Compliance Toolkit")
By recognizing the intricacies involved and embracing comprehensive data erasure strategies, and by deploying robust data sanitization technologies for processing preowned devices, the mobile phone refurbishment industry can maintain its reputation for providing dependable and secure refurbished devices.
Why Factory Reset is Not Enough
Mobile devices such as smartphones and tablets contain a vast amount of personal and sensitive information. This information includes emails, contacts, photos, messages, passwords, login credentials, browsing history, and even financial data like banking credentials.
When users decide to trade in or sell their old devices, they may first try to manually erase whatever they can from the phone themselves before bringing it to a wireless dealer to trade it in and upgrade to a newer model. Additionally, after phones are traded in or bought back and a mobile phone refurbisher or recycler takes possession of them for reprocessing, a warehouse or processing center may perform a basic factory reset on the phones to erase any personal data. A factory reset typically restores the device's operating system to its default settings, deletes user-installed apps, and erases personal files from the visible file system.
Unfortunately, these minimal actions do not guarantee that the phone's data has been securely and permanently erased and is unrecoverable. Several reasons contribute to this:
- Incomplete Data Deletion: A basic factory reset process might not completely erase all data areas on the device, leaving behind fragments of sensitive information that could potentially be recovered.
- Residual Data: Deleted files may also leave residual data traces on the device's storage, which can be recovered through forensic techniques.
- Encryption Keys: If the device uses encryption to protect data, a factory reset might only delete the encryption keys. This makes the data difficult to access without them, but skilled data thieves may still be able to retrieve it.
- Data Remnants in Internal Memory: Some mobile devices use internal memory to store data temporarily. After a factory reset, this data may still exist in the device's memory and be recoverable.
To address these data security concerns, it is crucial to utilize secure data erasure methods that go beyond the standard factory reset process. Automated systems that perform robust data-clearing further ensure that human errors are avoided, and that no stone is left unturned when thoroughly wiping sensitive personal data.
Data Erasure Techniques
Each data sanitization standard uses unique methods of data-clearing, but most data erasure processes utilize the techniques described below. These usually employ specialized data-wiping software that meets internationally recognized standards for data sanitization to overwrite the entire storage space with random data multiple times, making it extremely difficult to recover any traces of the original data. It is important to adhere to relevant data protection regulations and standards that mandate secure data erasure practices, such as GDPR, R2v3 and others.
- Overwriting: One of the most common techniques used for secure data erasure is overwriting. This method involves writing random data patterns over the existing data multiple times, effectively rendering it unrecoverable. Advanced algorithms ensure that every bit of data is overwritten, leaving no traces of the original information.
- Cryptographic Erasure: Cryptographic erasure involves encrypting the data on the device and then securely deleting the encryption key. This method ensures that even if the data is recovered, it remains inaccessible without the encryption key. Cryptographic erasure provides an added layer of security, especially for devices with sensitive or classified information.
- Physical Destruction: In cases where data security is of utmost importance, physical destruction may be the most reliable method. This involves shredding, pulverizing, degaussing or even melting the device to irreparably destroy the storage media. Physical destruction is often employed for devices that are beyond repair or contain highly sensitive data.
After the data erasure process, it is essential to verify that the data has been successfully wiped from the device. Automated systems make such tracking and reporting very comprehensive and effortless. Regular audits can ensure compliance with data protection standards.
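The cryptographic erasure technique described above, and the distinction between deleting a key and actually destroying it, can be shown on a small simulated device. The following is an added example, not FutureDial's code or a description of any product's behaviour: the SHA-256 counter-mode keystream is a constructed toy standing in for the device's real storage cipher (AES in practice) so that it runs with the standard library only, and the `EncryptedDevice` model, its key-store region, the `key_valid` flag, and the `weak_reset`/`crypto_erase`/`decrypt_from_raw_dump` names are all assumptions made for illustration.

```python
"""Cryptographic erasure on a simulated encrypted device.
Added example, not FutureDial's code. The SHA-256 counter-mode keystream is a
constructed toy standing in for the real storage cipher (AES in practice), so
that the example runs with the standard library only."""
import hashlib
import secrets

KEY_LEN = 32


def keystream_xor(key, nonce, data):
    """Toy CTR-mode stream cipher: keystream block i = SHA-256(key || nonce || i).
    XOR is its own inverse, so the same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


class EncryptedDevice:
    """Constructed model: user data exists on the media only as ciphertext; the
    data-encryption key lives in a small dedicated key-store region."""

    def __init__(self):
        self.keystore = bytearray(secrets.token_bytes(KEY_LEN))
        self.key_valid = True  # firmware flag: is there a usable key?
        self.nonce = secrets.token_bytes(12)
        self.media = b""

    def store(self, plaintext):
        self.media = keystream_xor(bytes(self.keystore), self.nonce, plaintext)

    def read(self):
        if not self.key_valid:
            raise PermissionError("device has no usable key")
        return keystream_xor(bytes(self.keystore), self.nonce, self.media)

    def weak_reset(self):
        """A reset that only clears the flag: the key bytes stay in the key store."""
        self.key_valid = False

    def crypto_erase(self):
        """Zeroize the key store, then read it back to verify the zeroization
        (the ciphertext on the media is deliberately left in place)."""
        self.keystore[:] = bytes(KEY_LEN)
        self.key_valid = False
        return bytes(self.keystore) == bytes(KEY_LEN)


def decrypt_from_raw_dump(dev):
    """Auditor's check: decrypt the media with whatever bytes the key-store region
    holds, ignoring the firmware flag. Readable output means the key survived."""
    return keystream_xor(bytes(dev.keystore), dev.nonce, dev.media)


if __name__ == "__main__":
    data = b"contacts: bob 555-0100, carol 555-0199"  # constructed user data
    dev = EncryptedDevice()
    dev.store(data)
    dev.weak_reset()
    print("after weak reset, a raw dump still decrypts to:", decrypt_from_raw_dump(dev))
    dev.crypto_erase()
    print("after crypto erase, a raw dump decrypts to noise:", decrypt_from_raw_dump(dev)[:8], "...")
```

The verification step in `crypto_erase` is the part an audit record should capture: the ciphertext never leaves the media, so the only evidence that the data is gone is a read-back showing the key-store region holds nothing usable.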
Data Erasure Standards Used in the Industry
There are over 28 industry-grade data erasure standards in wide use globally for securely erasing personal data on mobile phones. Here are just a few of the more widely used standards:
- The U.S. Department of Defense (DoD) Data Erasure Standard: Consists of three passes of overwriting data on the storage media: Pass 1: Overwriting with zeros (0s); Pass 2: Overwriting with ones (1s); Pass 3: Random pattern overwriting, making it exceedingly difficult for any residual data to be reconstructed.
- The U.S. Department of Defense Data Erasure Standard 7 (DOD7): Similar to the DoD standard described above, the DOD7 standard runs the 3 passes twice, with either a 0 pass or a 1 pass in between.
- NIST Special Publication 800-88 Revision 1 Guidelines: Consists of overwriting the entire storage media with a pattern of 0s and 1s, effectively erasing the data and making it unrecoverable by standard data recovery methods. Additionally, it includes purging by applying cryptographic erase or secure erase techniques to make the data unrecoverable even through advanced forensic methods, as well as physical destruction of the storage media if deemed necessary.
- Dept. of Energy (DOE)-compliant 3-Pass Secure Erasure: Writing 2 passes of random data and then a single pass of a known data pattern, erasing the data and making it unrecoverable.
- NSA Data Erasure Standard: Commonly known as the NCSC-TG-025, the process uses three passes and necessitates verification after each pass. The first pass writes binary 0s over a hard disk drive, the second pass writes 1s, and the last pass writes random values.
- The Peter Gutmann Data Erasure Standard: The Gutmann algorithm uses random values for the first and last 4 passes, and employs a complex pattern in passes 5 to 31. It is one of the most effective data erasure methods, although very time-consuming.
- Bruce Schneier's Data Erasure Standard: Security technologist Bruce Schneier's algorithm is a 7-step process that overwrites the data with binary 1s and 0s, followed by an overwrite with a stream of random characters.
- U.S. Air Force Data Erasure Standard: The United States Air Force System Security Instruction 5020 uses a 2-pass overwrite and is completed by verifying the write.
- Roy Pfitzner's Data Erasure Standard: Developed by and named after Roy Pfitzner, this standard uses a complex algorithm with a 33-Pass option and an ability to run the entire program multiple times. Verification also occurs during the process, and like the Gutmann method, it uses a combination of random characters for each data erasure pass.
- U.S. Navy Data Erasure Standard: Under the US Navy NAVSO P-5239-26-MFM standard, the entire disk area is overwritten with a fixed value (0x01), a fixed value (0x7ffffff), and then random numbers, with write verification performed afterwards. Data erased this way cannot be restored by software recovery tools.
- German Data Erasure Standard: The German standard VSITR overwrites the entire disk area with a zero (0x00) and fixed value (0xff) pattern three times, and finally with a fixed value (0xAA), making it exceedingly difficult for any residual data to be reconstructed.
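The following added example (not FutureDial's code, and not a certified implementation of any of the standards listed) ties together two earlier points: why a metadata-only factory reset leaves carvable residue, and how a table-driven multi-pass overwrite with read-back verification after every pass works in the shape of the DoD, NSA, VSITR and One Time Erase schedules described above. The `FlashImage` model, its 64-byte block size, the file table, the "stuck block" that silently drops writes (standing in for a worn-out or read-only NAND block), the pass schedules, and the user data are all constructed for this illustration.

```python
"""Simulated NAND image: metadata-only "factory reset" vs. verified multi-pass overwrite.
Added example, not FutureDial's code; block size, pass schedules and the
stuck-block failure mode are constructed for illustration."""
import re
import secrets

BLOCK = 64  # bytes per simulated flash block (constructed value)

# Pass schedules in the shape the standards above describe: a fixed byte is
# repeated across each block, "random" draws fresh CSPRNG bytes per block.
# The names are labels for this example, not certified implementations.
SCHEDULES = {
    "DoD 3-pass": [b"\x00", b"\xff", "random"],
    "NSA NCSC-TG-025": [b"\x00", b"\xff", "random"],  # same passes, verify each one
    "VSITR": [b"\x00", b"\xff"] * 3 + [b"\xaa"],
    "One Time Erase_0": [b"\x00"],
    "One Time Erase_Random": ["random"],
}


class FlashImage:
    """Raw block device stand-in. Blocks listed in `stuck` silently drop writes,
    modelling a worn-out or read-only NAND block that keeps its old contents."""

    def __init__(self, n_blocks):
        self.n_blocks = n_blocks
        self.buf = bytearray(n_blocks * BLOCK)
        self.stuck = set()
        self.file_table = {}  # name -> block indices: the visible "file system"

    def write_block(self, idx, data):
        if idx in self.stuck:
            return  # the write is lost without any error being raised
        self.buf[idx * BLOCK:(idx + 1) * BLOCK] = data

    def read_block(self, idx):
        return bytes(self.buf[idx * BLOCK:(idx + 1) * BLOCK])

    def write_file(self, name, payload, first_block):
        """Store payload in consecutive blocks and record it in the file table."""
        blocks = []
        for i in range(0, len(payload), BLOCK):
            idx = first_block + i // BLOCK
            self.write_block(idx, payload[i:i + BLOCK].ljust(BLOCK, b"\x00"))
            blocks.append(idx)
        self.file_table[name] = blocks

    def factory_reset(self):
        """The weak reset the page describes: forget the files, keep the blocks."""
        self.file_table.clear()


def carve(image):
    """Forensic-style carving: long runs of text-like bytes in the raw image,
    found without consulting the file table at all."""
    return [m.group().decode() for m in re.finditer(rb"[A-Za-z0-9 @.:-]{16,}", bytes(image.buf))]


def run_pass(image, spec):
    """Write one pass over every block, read each block back, and return the
    indices of blocks whose contents do not match what was written."""
    failed = []
    for idx in range(image.n_blocks):
        expected = secrets.token_bytes(BLOCK) if spec == "random" else spec * BLOCK
        image.write_block(idx, expected)
        if image.read_block(idx) != expected:
            failed.append(idx)
    return failed


def sanitize(image, standard):
    """Run a schedule with verification after every pass; return an audit record."""
    record = {"standard": standard, "passes": [], "verified": True}
    for n, spec in enumerate(SCHEDULES[standard], start=1):
        failed = run_pass(image, spec)
        label = "random" if spec == "random" else "0x" + spec.hex()
        record["passes"].append({"pass": n, "pattern": label, "failed_blocks": failed})
        if failed:
            record["verified"] = False  # a silent write failure would leave residue
    image.file_table.clear()
    record["residual"] = carve(image)  # what a carver could still recover afterwards
    return record


if __name__ == "__main__":
    secret = b"alice@example.com password:hunter2 pin:4321"  # constructed user data
    img = FlashImage(8)
    img.write_file("notes.txt", secret, first_block=2)
    img.factory_reset()
    print("after factory reset the carver still sees:", carve(img))
    print(sanitize(img, "DoD 3-pass"))

    worn = FlashImage(8)
    worn.write_file("notes.txt", secret, first_block=2)
    worn.stuck.add(2)  # block 2 wears out after the data was written
    print(sanitize(worn, "VSITR"))  # verified=False, residual still present
```

The audit record returned by `sanitize` is the kind of per-pass evidence the verification and certification practices later on the page call for: a pass that reports failed blocks must be treated as an incomplete erasure, because the carver still finds the user data in the block that refused the writes.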
Other widely used industry-grade erasure standards include:
- US Army
- Canada_RCMP
- Canada_CSEC
- UK
- British
- Australia
- Australia_15GB
- New Zealand
- Russia
- One Time Erase_0
- One Time Erase_1
- One Time Erase_Random
- N Time Erase_Random
- Low Level Format
Challenges in Mobile Device Data Erasure
- Fragmented Storage: Mobile devices often utilize NAND flash memory, which is divided into numerous small blocks. This fragmentation poses a challenge for data erasure as it requires ensuring that all blocks are overwritten or securely erased.
- Device Locks and Security Features: Many mobile devices are equipped with advanced security features such as device encryption, biometric authentication, and remote wipe capabilities. These features can hinder data erasure by restricting access to certain areas or preventing data recovery attempts.
- Data Residuals: Erasing data from a mobile device is not limited to the internal storage alone. Data residuals can also exist in other areas, including the SIM card, SD card, and even within the device firmware. Comprehensive data erasure must consider these residual areas to ensure complete data sanitization.
Industry Best Practices
- Compliance with Standards: Following industry-recognized standards for data erasure, such as the National Institute of Standards and Technology (NIST) Special Publication 800-88, helps ensure the effectiveness and reliability of the erasure process. Compliance demonstrates a commitment to data privacy and security.
- Verification and Certification: Implementing robust verification processes and obtaining certification from reputable organizations provide reassurance that data erasure has been performed successfully. Third-party audits and certifications build trust between refurbishers, customers, and stakeholders.
- Secure Chain of Custody: Maintaining a secure chain of custody throughout the refurbishment process is crucial. Proper documentation and tracking of devices ensure accountability and minimize the risk of data breaches during transit or storage.
Erasing Traces, Ensuring Trust
Secure data erasure is a vital component of mobile device refurbishment, safeguarding the privacy and security of both the previous owner and the new user. Beyond the simple factory reset, specialized techniques such as overwriting, cryptographic erasure, and physical destruction are employed to ensure data sanitization.
However, challenges such as fragmented storage, device locks, and data residuals require refurbishers to implement industry best practices, including compliance with standards, verification and certification, and a secure chain of custody. Many of these tasks can be performed through automated systems to ensure thorough erasure and regulatory compliance, as well as to provide a detailed audit trail for certification purposes. By understanding the complexities and adopting comprehensive data erasure strategies, the refurbishment industry can continue to provide reliable and secure refurbished mobile devices to consumers while also complying with industry regulations.
Contact FutureDial at sales@futuredial.com to learn more about automated solutions for secure data erasure for preowned mobile phones being refurbished for resale.
© 2023 FutureDial Incorporated. All Rights Reserved.