Earlier this year, when the Galaxy S7 launched, it was loaded with something Samsung called "Private Mode." Private is, frankly, kind of lame - you can use it to secure sensitive files, photos, or voice recordings using Samsung's stock applications for those functions. I can see a use, sure, but this is a pretty limited sort of feature.
With the Note7, Samsung has introduced Secure Folder. This sounds even narrower in scope, right? If you were to judge it on the name alone, as many are likely to, you'd think it was simply a secure file space to store your sensitive stuff. But Secure Folder is so much more. If you're familiar with systems like Samsung KNOX or Android For Work, you'll know that these systems allow an organization to create a separate, highly secure "work" profile on a smartphone while also allowing the end user to keep their regular OS software. The work profile, essentially an entirely different instance of the OS, is all but completely sandboxed from your personal information on the phone, and likely uses extensive restrictions and additional security features to keep everything locked down.
I have long wondered: why isn't there a consumer version of this? A way to have a second, secure profile on your smartphone that doesn't require setting up enterprise-grade software or using a potentially not-as-secure 3rd party app to merely emulate some of this functionality while also not getting any of the low-level security benefits. Well, it's here: Secure Folder is almost literally that - a highly secure KNOX profile for personal use.
Granted, it has limitations: you can't set a launcher or use Secure Folder like a full OS instance. Think of it as a private OS partition that uses a mini-app launcher, sort of - everything that appears in Secure Folder is completely and utterly separate from the regular content on your device. You can add entire Google accounts to Secure Folder! It's actually kind of amazing.
For example, let's say you own a small business, and you have a business email address that contains highly sensitive client information (yes, yes, I know, drug dealer jokes). But your concern isn't competitors getting into your phone - it's that when you let your kid play Candy Crush to keep him occupied at the grocery store, you don't want him going in and accidentally deleting allthethings.jpg in your work email. Your personal email is whatever - you can deal. But if you lose that sensitive information, you're really screwed.
Sure, there are apps to password-protect apps on your smartphone, and essentially, that's what Secure Folder sort of does. But it's far more secure than that: there's not even a way to interact with that email account unless you are literally inside the Secure Folder application. You can't accidentally share to it, it doesn't show up in intents, it doesn't send you notifications unless you decide you want them, and it doesn't show up in your app drawer. It's a ghost. Only by opening the Secure Folder app, secured by your method of choice, including iris scan because Note7, can you access that email account. It's tremendous peace of mind - and you can completely erase the whole thing at any time.
Alternatively, and less serious-business-ly, let's say you let your kid play Candy Crush, but you also play Candy Crush, and you don't want him wasting all your lollipop hammers. Or maybe you just have two game profiles so you can play one while the other recharges. Regardless, you can keep a second install Candy Crush in the Secure Folder. Taking pictures of your passport or driver's license to upload or bring somewhere to verify your identity? Use the camera app in secure folder: they won't accidentally end up on Google Photos or Dropbox, or in your photo reel next time you hand your phone to someone to look at your vacation pictures. Want to keep a bunch of tabs open in Chrome for holiday shopping so you don't lose track, but also don't want your SO to see what you've been shopping for? Put a Chrome instance in Secure Folder.
Really, the possibilities here go on and on and on. And you can install basically any app you normally can on your phone (well, launchers won't work) in the secure folder via a built-in instance of the Google Play Store for Work if you want to sign in to a Google or Google apps account. If you don't, you're limited to the apps you already have installed on your phone's non-secure profile (it installs new instances of them on the secure profile). It's like having a totally separate user profile on your phone, but without all the hassle and performance issues that tend to come with it. You can even hide the secure folder such that it's only accessible through the security menu in device settings. There are a bunch of neat little tweaks that can be made.
Given Android for Work is a thing and offers similar functionality to KNOX (which Secure Folder is powered by), I have to wonder: why not put something like this in stock Android? The use cases create themselves. It gives Android for Work's robust security and feature set a practical consumer application. There's little doubt that this might even make privacy-obsessed Apple a teensy bit jealous. And sure: some Chinese phones offer similar functionality, but I think Samsung's solution is dead simple to understand, easy to use, and probably a heck of a lot more secure on a technical level.
I was prepared to write off Secure Folder as a gimmick the moment I heard about it a month ago at Samsung's Note7 briefings. After a week with the phone myself, I completely get it - and I think it's receiving far too little attention. This feature is a big deal - and Samsung's implementation is near flawless. Credit where credit is due, I'm impressed.
Apparently, Secure Folder is essentially an iteration of the existing Samsung My KNOX app. Secure Folder does offer some additional features (and also removes a couple, oddly), but if you have a recent Samsung device, I'd suggest checking out My KNOX as well - you'll get similar functionality and presumably the same great security benefits.
The biggest thing to note about My KNOX is that once activated and installed, it can't be removed. Just a friendly warning. Edit: Turns out it can be removed, but it has to be via the Play Store or the My KNOX website - it shows as unable to uninstall from the app manager for some reason, though.