How to secure phone for repair shop?

I've been an android user for many years and so far I've been lucky enough not to need to have a phone repaired by a shop, so I'd never considered this problem until recently. I had to give my Galaxy S8 to a shop for repair. Since it's running Android 9.0 I thought I could use guest mode to keep my info private, but it turns out Samsung disables multiple accounts on the Galaxy. (WHY?!)

This is like handing the keys to the castle to a complete stranger. Having my phone with the lock screen unprotected is as good as having full access to my email accounts, my Google Drive repository, my social media accounts, and another dozen other apps with private data. Disabling them all and then reenabling them later would take almost as much time as just doing a factory reset and restore later.

Is there a reasonably simple way to give my phone to a repair person and have my data remain secure?

Answers 1

  • Doing a factory reset and full storage clean is the way to go here. Service will not fiddle with kiosk apps or the like. To my experience, they wipe your device anyway – so make a good backup and wipe it yourself.

    Don't forget (to backup and wipe) your internal SD card – and simply keep the external with you.

    For details on how to achieve that, please see: How to make a complete factory reset, without anyone being able to retrieve my data – asks for a different reason (selling a device), but with the same goal (protecting (or rather completely wiping) your personal data which resides on the device). And while the answer there gives detailed background, here come some points for the doing:

    • backup whatever you need (and can be backed up)
    • if you've got an external SD card, simply take it out and keep it. What they don't have they cannot look at.
    • as you want all data on internal storage gone, just wipe that completely. Easiest way for that probably is:
      1. remove any Google Account you might have configured, to avoid tripping FRP
      2. perform a factory reset, then
      3. turn on full device encryption. Let it encrypt the entire device.
      4. optionally, copy some files to it
      5. perform another factory-reset, turning device encryption off

    By toggling device encryption on and off again, the entire storage should be overwritten (without you requiring root permissions to do so explicitly). This makes data recovery very hard – actually, nearly impossible; though Forensics might have their ways, that would be far too expensive for someone simply curious unless that someone knows there's something of value to be found.

    PS: All that of course assumes you are still able to perform those steps. If e.g. the device no longer turns on at all, chances are rather low to achieve any of those details.


Related Questions