Sign up for The Paypers newsletter Follow The Paypers on LinkedIn Follow The Paypers on Twitter Follow The Paypers on Facebook
The Paypers, paypers, Insight in payments, News, Reports, Events
 advertisement
Digital Identity, Security & Online Fraud

Over 1,000 Android apps found to harvest data even after owners explicitly say no

Tuesday 9 July 2019 | 10:34 AM CET

Researchers from the International Computer Science Institute have found up to 1,325 Android apps that were gathering data from devices even after users explicitly denied them permission.

The apps gather information such as location, phone identifiers, etc. The study looked at more than 88,000 apps from the Google Play store, tracking how data transferred from the apps when they were denied permissions.

The experts presented the study in late June 2019 at the Federal Trade Commission's PrivacyCon and notified Google about these issues in September 2018. Google said it would be addressing the issues in Android Q, which is expected to be released in 2019. The update will address the issue by hiding location information in photos from apps and requiring any apps that access Wi-Fi to also have permission for location data, according to Google.

For instance, researchers found that Shutterfly, a photo-editing app, had been gathering GPS coordinates from photos and sending that data to its own servers, even when users declined to give the app permission to access location data. Some apps were relying on other apps that were granted permission to look at personal data, piggybacking off their access to gather phone identifiers like your IMEI number.

Computer Science Institute announced will be releasing details with a list of the 1,325 apps the researchers discovered during the Usenix Security conference in August 2019.

More: Link
 advertisement
 advertisement
 advertisement
 advertisement