Even if you haven’t experienced smartphone theft personally, you likely know someone who has. Last year alone, 80,000 mobile phones were reported stolen in London. For those affected, losing a costly device can feel devastating, and navigating the tedious process of replacing it, which holds all your vital information, can be frustrating. So, what can be done to prevent phone theft and better safeguard your personal data?

The explanation involves various factors, including how criminals exploit stolen phones, alongside the failure of tech companies focused on user-friendly designs over security measures, and the lack of coordinated international strategies. In short, it’s a multifaceted issue.

Some victims have expressed frustration with the police for their perceived lack of action against phone thieves. NAV Dugmore, who hails from Wolverhampton, England, had her iPhone snatched just moments after she exited Euston Station in London. “Honestly, it hurt me,” she recalls. “We need better systems to deter them from using stolen phones. I think the police could do more.”

The Metropolitan Police informed her that other thefts had occurred in the same vicinity recently, admitting that the chances of recovery were “nonexistent.” Although Dugmore activated face recognition on her phone, it was unlocked when the thief grabbed it, allowing them to quickly spend £300 at various London stores. The most painful loss for her was a photo of her three young children that wasn’t backed up.

When a phone like Dugmore’s is stolen, it enters a grim cycle with multiple potential fates. The simplest scenario for thieves is to sell the phone, frequently exporting it to other countries. Some may also sell the devices for parts at non-official repair shops. According to Daniel Green, a police inspector in London, the thief was connected to a gang that ships the stolen devices out of the country.

More elaborate crimes can occur as well, such as removing SIM cards to disguise the phone’s identity and using another mobile to access text messages, emails, and websites that require two-factor authentication. This can be somewhat mitigated by setting up a PIN on the SIM card, yet this requires action before theft occurs.

Thieves mainly target unsecured phones, but even safeguarding your device with a PIN isn’t foolproof, warns James O’Sullivan, who runs an app called Nuke, designed to assist those whose phones have been stolen. Thieves might simply observe you enter your PIN or employ clever tactics to outsmart your security measures. For instance, if you trigger and then cancel the emergency SOS feature on an iPhone, access via face or fingerprint recognition is temporarily disabled, necessitating a PIN entry the next time. A skilled thief could document you while you unwittingly do this, preparing to capture the input after reclaiming the phone.

Unlocked devices expand the criminals’ possibilities. Thieves can access online banking apps and cryptocurrency wallets, even scamming the victim’s friends and family for emergency funds. They can also share fraudulent links through social media, fishing for further login information and private data.

What measures can we take? At least the UK government acknowledges the issue. In the latter half of last year, they initiated a crackdown aimed at pressuring smartphone manufacturers to permanently disable stolen devices. They also pledged to conduct research aimed at understanding the dynamics of phone theft and devising solutions.

In theory, technology exists to render stolen phones useless. Each device carries a unique IMEI code, allowing reported stolen codes to be blocked on mobile networks. However, blocked phones can still access the internet through Wi-Fi. For years, the Met Police has urged tech firms to enhance protocols to restrict access to cloud services on stolen phones, making them less desirable to thieves. So far, both Apple and Google have not complied.

This also becomes problematic when trying to enforce restrictions across countries, similar to IMEI blocks. Green hopes that manufacturers will create permanent kill switches to effectively eliminate the incentive for phone theft altogether. “I don’t know if that’s a problem for them,” he remarks. “We need to push more. We’re trying to pick up the pieces on the sidelines, which is a tall order.”

Jordan Hare, a former digital forensics expert with law enforcement now working for private security firm S-RM, states that many phones already possess security features capable of thwarting the most determined criminals. For instance, certain devices will lock automatically if they detect sudden movements, such as being grabbed by a thief.

The issue arises because many of these protective measures are disabled by default. Hare emphasizes that companies design for user convenience, often at the expense of security awareness. “Opting in for these features doesn’t benefit the average consumer, who may not even know they exist,” he explains. “An opt-out approach where users are informed that certain settings are enabled and why they should remain on would be far more effective.”

Meanwhile, other admirable security features, like locating your phone via a web browser, fall short in practicality. If the phone is tracked far from its original location, there’s little a police officer can do without extensive paperwork for search warrants.

Dugmore experienced this firsthand with her stolen iPhone. “The last known location was about ten miles from where my phone was taken,” she recounts. “The police indicated that they wouldn’t be able to retrieve it.” When approached for comment, the Metropolitan Police told New Scientist: “Unfortunately, the investigation couldn’t progress due to the lack of CCTV in the area. We’re aware of the victim’s concerns.”

Most prominent smartphone manufacturers, including New Scientist Samsung, Xiaomi, and Google, did not respond. However, Apple did provide a statement.

“For more than a decade, we’ve been actively addressing this issue through hardware, software, and customer support,” an Apple representative stated. “We are committed to investing in industry-leading tools and features designed to empower users against theft,” although they did not clarify why some security features aren’t activated by default.

Ultimately, preventing smartphone theft hinges on ensuring manufacturers remove any appeal that criminals might find in stolen devices. They possess the capability to control hardware and software, developing features that could entirely secure your phone, its applications, and components against misuse or resale. However, O’Sullivan asserts that it doesn’t appear to be a priority. “To be candid, stolen phones generate considerable profit for those selling new devices.”