The French government is advising against using biometric security, like facial scans or fingerprints, to unlock phones, as detailed in a new advisory document from ANSSI, the national agency for information system security.
Instead, ANSSI recommends using end-to-end encrypted chat apps for sensitive communication and disabling automatic MMS reception to prevent spyware attacks. They also suggest charging phones only via a USB data blocker.
The advisory also highlights the evolving threat landscape for mobile phones since 2015, focusing on various spyware attacks users face. It offers several tips to secure both the phone itself and its communication channels.
Other recommendations include switching off Wi-Fi, Bluetooth, and NFC when not in use, and regularly rebooting the device, as some spyware can be removed this way.
For sensitive information, ANSSI strongly advocates for end-to-end encrypted chat applications and advises against using SMS. If a phone must be left unattended, it should be completely switched off.
iPhone users are encouraged to enable Lockdown Mode, a security feature that ANSSI has independently tested and confirmed makes phones harder to compromise. For Android users, Advanced Protection Mode is recommended.
The agency also cautions against using public Wi-Fi without a VPN. The full advisory document, CERTFR-2025-CTI-013, can be found on ANSSI’s website. Read more about the advice here: Security.nl and the original advisory here: cert.ssi.gouv.fr.
This governmental advice on mobile security aligns with broader industry efforts, as seen with Google’s recent push to integrate AirDrop compatibility into Android’s Quick Share, leveraging Rust for enhanced security. Such initiatives aim to create more resilient communication channels against persistent threats.
The focus on direct, peer-to-peer data transfers, avoiding central servers, underscores the growing demand for secure and private communication, echoing the ANSSI’s recommendations for end-to-end encrypted chat applications. These efforts reflect a shared priority in safeguarding personal data.
Amid these advancements, the threat landscape continues to evolve, with malicious Android applications increasingly using AI-powered obfuscation and fake apps to evade detection and steal user data. This highlights the continuous vigilance required to protect mobile devices. Users must remain cautious.