- all modern mobile OSes have full device encryption
- levels of iOS encryption:
- All user data on the device is always encrypted
- key is stored on the device
- primarily used as a means of wiping the device
- Data Protection option
- Email data and any apps using Data Protection use a second round of encryption
- uses a key derived from user’s credential
- not all user data is encrypted with data protection option
- contacts, SMS messages, and pictures
- enabled automatically when a password is configured
- Android
- substantial differences in encryption options between versions
- no FDE since Android 10
- too detrimental to performance
- user data is encrypted at file-level by default