Whether or not we choose to line up outside the Apple Store every September for the latest iPhone launch, most of us nowadays replace our smartphones with some regularity. After all, it’s still common to buy handsets on 18 or 24-month contracts and then upgrade again after they expire. The outcome? We end up with stacks of perfectly good technology kicking around unused.
There is, of course, one solution to this problem: selling your old smartphones on eBay. It’s eminently possible to make a tidy sum this way, particularly now network operators are more lenient with their device-locking policies than they used to be.
How do you prepare a mobile device for sale on eBay? Well, the site itself has its own list of pointers, which include setting a reasonable price, writing a concise and accurate description, and taking lots of pretty pictures.
However, one thing that isn’t covered is securely erasing your data. Nobody in their right mind would sell a smartphone full of their old selfies, so it’s important to take steps to ensure the transaction won’t put your personal information at risk.
Most handsets have a factory reset function. Alarmingly, though, there’s evidence to suggest even this isn’t enough to protect your privacy. Last year, security vendor Avast bought 20 used Android devices off eBay and was able to recover a staggering 40,000 supposedly deleted photos, of which over 1,000 contained nudity. It also dug up 750 emails and text messages sent and received by the smartphones’ previous owners. Cambridge University also discovered this with their own study this year.
Don’t like the idea of this happening to your data? Follow our checklist to ensure you’re only auctioning off hardware in you eBay smartphone sale, not your privacy.
Step 1: Remove your SIM card
You probably shouldn’t need to be told to remove the SIM card from your old smartphone before shipping it out to an eBay buyer, but there’s always a chance you might overlook this if you’re switching to a new network and are therefore getting a replacement SIM.
A SIM card can contain quite a lot of personal information, including contacts, SMS data and call logs, and should be of absolutely no value to the person who purchases your old device. As such, you should always remove it prior to the sale, preferably disposing of it securely if you aren’t going to use it again.
Step 2: Remove or wipe your microSD card
Many modern smartphones have microSD card slots, allowing users to expand on their limited internal storage with additional flash memory for photos, videos and other data. As with a SIM card, there’s a chance you might overlook removing a microSD card from a device you’re preparing to sell on eBay. Or, if you’re switching to a handset that offers internal storage only, you might choose to bundle your old one with the smartphone to sweeten the deal for the buyer.
If this is the case, be sure to securely erase the card’s contents. Simply deleting the files might not be enough, so consider the use of a specialist data destruction tool such as Blancco Flash.
Step 3: Turn on device encryption (Android only)
This brings us up to the point at which you’d normally carry out a factory reset and, without further ado, get the bidding started. But wait, you ask, what about that Avast study we mentioned earlier? Didn’t that make out that Android’s factory reset function is basically useless?
Well, Google itself actually responded to the research to point out that preventing this form of abuse is, in fact, trivial – you simply have to turn on device encryption, typically accessible via the device’s security settings. This renders the contents of your smartphone’s internal storage unintelligible to anybody without the correct cryptographic key, which is associated with a unique PIN or password. When you carry out a factory reset, Android throws away the key itself and therefore ensures your data is garbled for good.
Note that if you’re an iPhone owner, you can skip this step entirely – Apple automatically encrypts everything on its handsets and securely erases the cryptographic keys when you carry out a factory reset.
Step 4: Wipe your device’s internal storage
It’s finally time to wipe your device’s internal storage, safe in the knowledge that even with sophisticated data recovery tools, malicious buyers won’t be able to retrieve anything more than an unintelligible mess. If you’re using an iPhone, look for the option Erase all Content and Settings in the settings menu. On Android, the factory reset function is normally located under Backup and reset, although this may vary according to manufacturer and version.
You’ve now prepared your mobile device for sale on eBay with a fair degree of certainty that you’re not short-changing yourself by selling off your personal information into the bargain. And if you’re still not 100 per cent confident your data is gone for good, or simply want to make the process faster, you can always switch to a dedicated tool such as Blancco Mobile to wipe old smartphones with even greater speed and security.
Mikey has been with Ontrack for 6 years and is the Partner Program Manager, based out of the Epsom, UK office. He is a regular contributor to the Ontrack blog, usually writing about how different types of data storage technologies work. Outside of work you’ll find him either with a guitar in his hands or learning about rocket science.