Android Apps Collect Personal Data – But just how much may surprise you

Uploaded on 2015-01-20 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A new study looking at how mobile Android apps track smartphone users has revealed some interesting facts about Android applications, InfoWorld reports, finding that many apps collect plenty of personal data in an attempt to track users online and serve them targeted ads in the process.

Two French organizations, including the French National Institute for Informatics Research (INRIA) and the National Commission on Computing and Liberty (CNIL), installed a monitoring app on Android phones belonging to 10 different people, encouraging them to use the handsets as they normally do.

For a three-month period, the volunteers collectively used 121 apps, with Mobilitics recording every time one of these apps accessed personal data, including location, identifier, photos, messages and other info. The app also tracked whether the data was transmitted to a server or not.

Almost two-thirds of apps accessed at least one identifier, 25% of them accessed at least two identifiers and a sixth of apps three or more, the study found. However, it’s not clear what kind of devices were used, or what Android OS version they were running.

Location accounted for 30% of all personal data accessed, with the study revealing some interesting numbers. For example, the Facebook app recorded one person’s location 150,000 times during the three-month period, or more than once per minute. The Google Play Store tracked a user’s phone 10 times per minute at certain times. One game recorded a user’s location 3,000 times while it was in use.

But the most amazing stat belongs to an unspecified default Android app made by Google, which checked a user’s location 1 million times in one month.

As the study reveals, it’s pretty easy for app developers to track users by simply looking at a phone’s Wi-Fi and/or Internet state, with the resulting data being enough for target advertising. Additionally, the data can be aggregated in order to profile users and their social networks even better.

BGR:  

 

« Coming Soon. How Surveillance and Privacy will Overlap in 2025
Snowden Says US Creates A Black Market for Digital Weapons »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Hotlava Systems

Hotlava Systems

HotLava network adapters enable today's powerful servers and workstations to deliver more productivity by reducing congestion at the network interface.

IoTium

IoTium

Secure Cloud Managed Software Defined IoT Networks. IoTium simplifies establishing and managing secure network infrastructure for Industrial IoT.

Egerie

Egerie

EGERIE's RiskManager solution provides a Global, Centralized, and Updated view of risk maps and security measures for your company.

Mastercard

Mastercard

MasterCard is a leading global payments solutions company that serves consumers and businesses in over 210 countries and territories worldwide.

Black Kite

Black Kite

Black Kite (formerly NormShield) provides comprehensive Security-as-a-Service solutions focused on cyber threat intelligence, vulnerability management and continuous perimeter monitoring.

QOMPLX

QOMPLX

QOMPLX integrate, contextualize, and analyze data from virtually any source to help you identify operational risk and inefficiencies throughout the enterprise.

Swiss Cyber Think Tank (SCTT)

Swiss Cyber Think Tank (SCTT)

The Swiss Cyber Think Tank is a business network for Cyber Risk & Insurability, providing an industry-wide networking platform for insurers, technology and security firms.

Zighra

Zighra

Zighra is a leading provider of On-Device AI solutions for continuous authentication and fraud detection on mobile and web applications.

CYRail

CYRail

CYRail project will analyse threats targeting Railway infrastructures and develop innovative attack detection and alerting techniques.

IdentityIQ

IdentityIQ

IdentityIQ is a US-based identity theft and credit protection company designed to help users stay on top identity thieves and data breaches.

BLOCKO

BLOCKO

BLOCKO is a blockchain specialized technology company that has experienced and achieved the largest amount of business in South Korea.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

Telstra

Telstra

Telstra is one of the world's leading telecommunications and technology companies, offering a wider range of services from networks and cloud solutions to mobility and enterprise collaboration tools.

Artifice Security

Artifice Security

Artifice Security will demonstrate real-world attacks on your network, web applications, infrastructure, and personnel to expose your hidden security risks.

Rapifuzz

Rapifuzz

At Rapifuzz, our goal is to help organizations test and secure their APIs enabling trust, innovation and Seamless Secured Digital Experiences.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.