Whether you decide to sell your smart device on eBay or simply pass it on to a friend once you upgrade, wiping your smartphone's data isn't as easy as we thought. Antivirus security vendor Avast, published a report on Wednesday claiming that data from previously wiped Android devices could be recovered. The security team at Avast purchased 20 different Android phones on eBay, unleashed data-recovery tools, and found telling evidence that resetting to factory settings doesn't mean your private selfie sessions would go unnoticed. You may have to look beyond standard erase features that come with your device to ensure that data is gone forever.

Avast used digital forensic software, FTK Imager, for its dirty work. It conducted the three types of analysis to find data on the phones,“Mass storage mount, Logical analysis, and Low Level analysis”. From the 20 phones: 40,000 photos were found, along with 750 emails and texts, 250 names and addresses, identities of 4 phone owners, and even one completed loan application. As one could predict, hundreds of the attained photos were considered pornographic.

During this discovery, it became clear that when wiping any storage device, you are not erasing the data itself. Instead of destroying data, it de-links it from the OS so that it can be overwritten. All you need is the right recovery tools to access it. Permanently deleting data on a device takes a little longer. Using disk-management and security tools is necessary for a assured wipe.

Why did Avast choose to target Android devices in its exercise? It is part Avast's awareness campaign to help people, primarily Americans, realize how insecure their mobile phones are. An additional reason was to target software to Android. Naturally, the company offers a free app, Avast! Anti-Theft, and encourages Android owners to download it from the Google Play store. Apple owners are by no means in the clear, but evidently Apple does a better job in their secure-wipe routine. iPhones and iPads include hardware encryption, overwriting the encryption keys when it is wiped. This makes recovering data very difficult, but not impossible.

Selling your phone is a great way to make a few bucks, but a bad way to protect your privacy unless you know you to make all your data irretrievable. Very few people in the U.S. use security software on their phones, mainly because isn't preloaded on the devices like it is on computers and laptops. Considering the hacking Avast performed wasn't very advanced but the data it found was tremendous, it's worth looking into some extra protection.