You might as well know how to do this, since presumably criminals and terrorists also know just as well. The FBI may one day want to poke their noses into the secrets locked inside your smartphones. How do you keep them out? I’m sure the on-going Apple vs FBI battle may be a cause of concern for some folks.
Perhaps start by not using an iPhone? Oh wait, most Android smartphones are probably worse off in terms of physical security. You see, it is only on new Android smartphones that come with Android 6.0 Marshmallow, and with Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, that full disk encryption is mandatory.
The latest Nexus smartphones, the 5X and 6P, for example, come with full disk encryption turned on by default. This means that if these smartphones fall into the hands of the wrong people, even with physical access, they would have to deal with storage contents that are encrypted.
The encryption, of course, is only useful if you actually setup a suitably secure unlock method for the lock screen. Swipe, for example, doesn’t count. Pattern unlock is too easy to crack. If you choose PIN, then your PIN much be long enough. Make it 16 digit long. It’s the maximum that Android allows, but it’s also the minimum that I think you should use. Passwords would be best, but again you’ve got to choose a good, proper, strong password for it to be useful.
With a suitably secure unlock method setup, your modern Android smartphone that has full disk encryption and hardware-backed credential storage should be able to protect your data. Of course, I’m also assuming the device is not rooted. Rooted devices by themselves are not bad, but you must understand that apps which are granted superuser access have unlimited access to everything inside your device.
On the iPhone, you must understand that the default 4-digit PIN just doesn’t cut it. It suffices now because iOS builds in timed delays and mandatory data reset after 10 successive passcode failures. I’d suggest you go with far longer PINs or passwords, regardless of how the current Apple vs FBI battle pans out.
I’m assuming, of course, in all cases that the operating system itself doesn’t build in some other backdoor that can defeat the sound security that had been originally designed. Massive software vulnerabilities and other zero-day exploits aside, we trust that the makers did not design secret holes, inadvertently or not, into their operating systems.