Summary: Investigators find it impossible to total clear data from handset when changing phone Emails, texts, pictures, videos and apps can all be retrieved after full wipe Up to 630million phones don’t wipe internal SD cards when phone is reset Investigators say the issue may hinder growth in the phone and app market.

Up to 500million Andriod users who use or have used Android software could be at huge risk of having their personal information shared after tests shown it’s impossible to wipe Data off many devices.

A report by Cambridge University showed that private text messages, images, videos and email details can be recuperated, even after a total wipe – or factory reset the threat still persists.

It basically means that people who have given away, sold or lost their phones are now at risk from having their private details and any personal, secretive or sensitive information in messages or emails seen by the new owner of their phone.

They could also easily access third party applications. Many phone users pile up financial information and conduct their whole banking through some popular apps on tablets and phones such as Halifax and Nat West. Not only that but researchers also recovered Google verification tokens, services authorizing access synced across a number of devices, including Gmail, YouTube, and any images or videos stored using Google cloud services.

Some tests conducted on a number of second-hand devices bought on eBay with various versions of Android software established that even if the user has the phone fully encoded, even after a thorough factory reset the information could still be retrieved.

Android is the most commonly-used phone and app software in the world with major manufacturers including Samsung and HTC employing it as an operating system for their phones and tablets.

And Android claim that just over 50 per cent of Android devices use the software tested – from Android 2.2 to 4.3 – which is how the researchers were able to derive a figure of 500million handsets at threat.

They also revealed that up to 630million phones may not wipe internal SD cards, which often store most of the images and videos on a phone.

It means that the user could wipe the limited information on the phone and sell or pass it on to another person who would still be able to access the majority of personal information it holds.

The authors say that ‘poor sanitization’ could put the whole mobile phone market at risk and limit development, progress and innovation. It also states that ‘The mining of data from resold devices is an increasing threat as more percentage of users buy second-hand devices.

A lucrative second-hand market is quite valuable for dealers as people want to trade their expensive devices after they have used them. This is the growing concern as data sanitization problems may decline market growth.

If users sense this risk they may stop trading their old devices and buy much lesser new ones. They likely to upgrade but be unwilling to approve sensitive services like banking or healthcare apps, which will eventually slow down innovation.

Conclusively, phone sellers may be held liable under consumer protection or data protection laws in case of a mishap.

In an interview with Ars Technica Computer Scientist Kenn White told that a whopping number of devices are at risk in the market not only Gmail passwords but images, photos, text, chat.

A reset can never be good enough and the level of risk associated with Android devices varies with their wholesaler.