Millions of smartphone apps are putting your personal information at risk
Have you noticed items that you search for online seem to follow you around the internet? For example, if you’re looking into buying a new car and are researching specific models, advertisements for that car will later pop up on other sites.
It can definitely give you a creepy feeling like you’re being watched. Actually, you are.
Sites like Facebook and Google track your online activity so they can provide users with targeted ads. It’s not just websites either, in fact, many smartphone apps take part in the targeted ad process. Now, we’ve learned that millions of apps are putting your personal information at risk.
Why certain apps could be cause for concern
Researchers at Kaspersky Lab are warning people about a vulnerability discovered in apps that might be leaking sensitive personal information. Names, income, email addresses, phone numbers, calls and text message history are all potential pieces of data that could fall into the wrong hands.
The flaw found in the apps originates in how they were designed.
Many app developers don’t write every piece of code that is used in their app. They will purchase a software development kit (SDK), which is pre-written, pre-packaged code that allows the app to perform certain tasks. It’s easier for developers to use SDKs than write the entire code from scratch.
Here’s the problem. Some apps are transmitting unencrypted user data to third-party advertisers. They are sending this sensitive data over Hyper Text Transfer Protocol (HTTP) instead of the more secure, HTTPS protocol.
This all initiated with a few SDKs that were used by millions of apps while being built. The SDKs that were used did not implement the HTTPS protocol.
What are the risks?
Unencrypted data can be easily stolen by cybercriminals. It could also lead to malware infecting your gadget. Scary!
One of the researchers said, “The scale of what we first thought was just specific cases of careless application design is overwhelming. Millions of applications include third-party SDKs, exposing private data that can be easily intercepted and modified – leading to malware infections, blackmail and other highly effective attack vectors on your devices.”
Unfortunately, the security team did not release a list of the affected apps, only saying that millions of apps are impacted. They also didn’t say whether both Android and iOS apps are affected.
Is there anything you can do?
The best way to help prevent this type of data leaking is to limit your apps’ permissions it asks for at installation. Read the requests and don’t give them permission to send personal data to advertisers.
For a detailed explanation of how to control your apps’ permissions, click here.
Another way to protect your personal data is to use Virtual Private Networks (VPN). VPNs help hide your online activity. Click here to learn about VPNs and why you should use one.
Speaking of dangerous apps, stop these ones from tracking and violating your kids
A recent study had some disturbing results. It found that over half of all Android apps it studied are not protecting the safety and privacy of children. Not only is this frightening but it’s also in violation of the law.
Tags: Android, cybercriminals, Google, internet, malware, security