More than ever before, personal security is a delicate balance between convenience and functionality.

Lollipop Encryption

Being secure is all about adding layers in between the thing you want to keep safe and everything else, even you (and in some cases, especially you). Personal information, like the stuff we all routinely load our smartphones with, doesn't actually want to be secure. You have to put some work into keeping your information safe, and every step you take adds some small layer of inconvenience. In Android 5.0, Google made Full Disk Encryption something you can either enable yourself or enjoy because your smartphone or tablet has shipped with it enabled by default. Before you flip that particular switch, however, lets take a look at what you gain —and lose — through the use of this feature.

Not sure what Full Disk Encryption is, or how it works differently in Android Lollipop? You should check out our primer first.

Encryption Password

The two big ways Full Disk Encryption affects users is performance and protection, and like most forms of security you're going to lose some of the former in order to gain the latter. Performance is a funny thing to talk about with Android devices, because most folks look at performance one of two ways. You're either all about the hard data provided by a technical benchmark, or you'd like to see how usage in the real world changes. While we typically shy away from benchmarks to demonstrate performance over real world use, it's important to see just how many different ways encrypting your device affects performance.

Storage Benchmark

There are a ton of different benchmark tools out there, but for this job we're relying on AndEBench Pro to demonstrate the differences in performance. We ran the storage benchmark before and after encryption on a Nexus 5 running Android 5.0.1, and in doing so found a huge difference in disk read performance between unencrypted and encrypted. Specifically, the encrypted Nexus 5 was reading information on the disk 40% slower than the unencrypted Nexus 5. This is an expected behavior, and will happen with every encrypted drive, but what this means for day to day use isn't nearly as bad as it sounds.

System Benchmark

If we take a look at the actual system performance under this same benchmarking tool, you see that the time required to perform most tasks has only slightly increased. This increase on the Nexus 5 is barely noticeable during most tasks. Eagle-eyed users will notices photos taking slightly longer to load from the gallery, big apps like games will take a little longer to load from a cold start, local playback of 2K or 4K content will take a little longer than usual to start. Naturally, this all adds up. When every single task is slowed down by a little bit, rapidly switching between apps is going to be slower as well. Once you're in an app, or are already playing a file, you're not going to notice any performance issues on the Nexus 5.

There is one outlier to this particular performance demonstration that's worth talking about, which is the Nexus 6. Google's reliance on a CPU-based encryption for the Nexus 6 causes a greater discrepancy in performance than we'd see with most other devices, thanks to Qualcomm's crypto engine. Since we can't predict what every manufacturer is going to do with encryption in a post-Lollipop world there are no guarantees, but it seems more than a little likely that most OEMs will try to avoid performance deficits like what we see on the Nexus 6.

Encryption Robot

This is the trade-off for the kind of security that keeps your phone more or less safe from intruders of any kind. From pickpockets to spy agencies, an encrypted disk is often a costly hurdle that in many cases is deemed not worth pursuing. It's the kind of thing that could cause a thief to just throw your phone away instead of trying to wipe it and sell it, but it's also worth keeping in mind encryption is only as secure as your password. Additionally, if your phone is already on and active there are ways to bypass most Android lock screens, leaving your data available even though it's encrypted. It's all about the balance between security and inconvenience, and choosing how many layers you want in between your data and the rest of the world.