Factory resetting your Android won’t erase all your data, study finds


Apparently reseting your Android phone to its default factory is not safe. A study from Cambridge University found out that people could still recover data on a number of Android operated devices even after the factory data reset process.

The researchers tested 21 devices made by five different manufactures, running mobile operating versions from Froyo to Jelly Bean.

Not only did the researchers find data, they managed to extract the master token of 80% of the devices which enabled them to access the user’s Google data.

The kind of data included images, text images and contacts. Apps like Facebook which have become like volts to store people’s lives retained data like photos, videos, text-based messages that could be accessed after a factory data reset.

“After the reboot, the phone successfully re-synchronised contacts, emails, and so on. We recovered Google tokens in all devices with flawed Factory Reset, and the master token 80% of the time. Tokens for other apps such as Facebook can be recovered similarly. We stress that we have never attempted to use those tokens to access anyone’s account.” the research reads.

Read more: 4 common UX mistakes in brand apps (and how to fix them)

Android Data Reset

The data was recovered even when full encryption was enabled by users, proving that however one protects against data theft, factory data reset is simply not enough. It estimates that about 500 million Android phones are at risk.

This is not the first time such research has been carried out. Avast reported something similar in 2014.

Going forward, though, it is clear that manufacturers ought to relook how the Android Data Reset works to ensure that the users do not have their data accessed by other people.



Sign up to our newsletter to get the latest in digital insights. sign up

Welcome to Memeburn

Sign up to our newsletter to get the latest in digital insights.