What you need to know about Android’s ‘factory reset’ function

Tuesday, 11 August 2015 by Mikey Anderson

Upgrading your Android device?

Are you still sporting an HTC Dream (Google G1) or a tablet running Android Honeycomb? Probably not, as technological obsolescence means that as mobile devices have evolved, so has our desire to upgrade to newer models with improved performance and functionality.

So if you do decide to upgrade, what should you do with your old mobile phone or tablet to ensure no-one else will be able to access your personal information? Up until now, users may have chosen to perform a factory reset, with the perception that this will securely erase all data on the device. This is actually not the case; it was recently reported that data may still be recoverable from around 500 million Android smartphones, even after performing a factory reset. It was also found that a recovery is possible even if the device is encrypted, which is concerning for home and business users alike.

Why is the data still recoverable?

In a previous blog post we described how data such as pictures, videos and app information gets stored on Android devices, mostly via the use of internal NAND flash memory. We asked Michal Cieslik, a Mobile Device Recovery Specialist at Ontrack, to explain why data can still be recovered from these types of storage devices when a factory reset has been completed:

"Performing a factory reset on an Android device simply removes the path to the data, making the device appear empty; however, the data is actually still there. A recovery is possible by looking at the data structures from a low level and using specialist tools to recreate the data into a useable format. Also, factory resetting a mobile device only affects the internal memory - any added external storage in the form of micro-SD memory cards would not be touched and the data could be recovered with widely available software recovery tools."

What does this mean for Android device users?

When the factory reset function is selected on an Android device, a message may warn you that you are about to erase all of your data, but the reality is that the reset does not erase it. For home users, it is important to consider this when trading in your old mobile device or selling it online, as your personal photos, videos and account information could still be recoverable by someone else if the device has not been wiped correctly.

For organisations of all sizes, this poses a serious risk from a compliance and data protection perspective. Company-issued mobile devices are likely to contain confidential data; if this information were recovered and leaked externally it could lead to significant financial penalties, especially under the proposed GDPR legislation. There is also the likelihood of reputational damage, which could be detrimental to clients’ trust.

What precautions should Android users take?

Android users should take care in how they dispose of their mobile devices once they no longer have a use for them, even if the device has full-disk encryption enabled. Previous processes and best-practice information should be reviewed accordingly to ensure that data does not end up in the wrong hands.

There are a number of ways in which you can erase data from mobile devices; however, the main goal is to overwrite all of your previous data so that a recovery is not possible. Tools such as Ontrack Hosted Erase fulfil this by using a secure erasure algorithm and also create a report that proves that the process has been completed successfully. If you will be relying on a third party to get rid of your data for you, it is important to check what methods of erasure they use and whether they can provide any proof of this process once completed.
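
As an added illustration (not part of the original article and not Ontrack's tooling), the following Python example models the two behaviours described above with a simplified in-memory storage area: a reset that only drops the "path to the data", and an overwrite that is read back and reported. `ToyStorage`, its methods and the sample bytes are constructed for this example and do not represent a real Android storage layout.

```python
import hashlib

BLOCK = 16  # bytes per block in this toy model (constructed value)


class ToyStorage:
    """A raw byte area plus an index mapping file names to locations."""

    def __init__(self, blocks=8):
        self.raw = bytearray(blocks * BLOCK)
        self.index = {}      # name -> (offset, length): the "path to the data"
        self.next_free = 0

    def write_file(self, name, data):
        end = self.next_free + len(data)
        if end > len(self.raw):
            raise ValueError("storage full")
        self.raw[self.next_free:end] = data
        self.index[name] = (self.next_free, len(data))
        self.next_free = -(-end // BLOCK) * BLOCK  # round up to next block

    def reset_index_only(self):
        """Models the reset described above: drop the paths, keep the bytes."""
        self.index.clear()
        self.next_free = 0

    def overwrite_all(self, pattern=0x00):
        """Overwrite every byte, read back to verify, return an erasure report."""
        self.raw[:] = bytes([pattern]) * len(self.raw)
        self.reset_index_only()
        residual = sum(1 for b in self.raw if b != pattern)
        return {"bytes_overwritten": len(self.raw),
                "residual_bytes": residual,
                "verified": residual == 0,
                "sha256_after": hashlib.sha256(self.raw).hexdigest()}


def residue_present(storage, marker):
    """Verification check: is a known marker still readable in the raw area?"""
    return marker in storage.raw


def demo():
    s = ToyStorage()
    s.write_file("photo.jpg", b"CONSTRUCTED-PHOTO-BYTES")  # constructed sample
    s.reset_index_only()  # device now "appears empty"
    after_reset = (sorted(s.index), residue_present(s, b"CONSTRUCTED-PHOTO"))
    report = s.overwrite_all()
    return after_reset, report["verified"], residue_present(s, b"CONSTRUCTED-PHOTO")
```

After the index-only reset the file list is empty while the marker is still found in the raw area; only the verified overwrite removes it, which is the kind of evidence to ask an erasure provider for.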