Is Your App Conspiring to Make Your Private Information Public?

By on Sep 29, 2015

Apps!

They help us make the most of our time and bring ease in our busy lifestyle with just a few clicks on our smartphone. Everyone has that one app that they just can’t do without. Be it an indispensable communication app, or to hail a cab in the end of an exhaustive party, or pay a pending utility bill without standing in a long queue or to locate a restaurant – we all have our favourite.

And yet, there is concern: some of the apps want way too much information, much more than they actually require.

We have a lot of valuable data stored in our phones – our friends’ names and addresses, our photos and videos, our recent online searches, our banking details and more. Would you feel comfortable knowing someone has access to this personal data and may be even misusing it for their benefit? The answer is a definite NO!

But some of the apps that we use on a daily basis do access a lot of our data, round the clock.

Now a couple of questions come to our mind:

  • Why do app developers collect information from our phones (if we took care to read the Terms & Conditions before hitting on “I Agree,” we would know)?
  • Do they really need all that information for the apps to run?

Well, app developers need to access some of the data on the phone for the installation and functioning of the app. For example, if we use an app to find cabs, the app would require our phone number, name and location. A reminder app would need to access our e-mails and planner to search for events and set reminders. Apps also collect our search history to make suggestions for us: help us find friends, look for a holiday destination and improve apps based on our preference and usage.

This access to data becomes a concern when app developers start sharing this information with a third party for purely commercial reasons. Or if the site gets hacked.

When children download apps, (and they do download a lot of apps, right?) they keep checking the agree tabs, to finish the process. This is how they generally proceed:

  • App would like to access your contacts, pics, places -*check the box*
  • App would like to know your location – *check the box*
  • App might require to store your data to offer improved experience – *check the box*
  • App may share your information with third party -*check the box*
  • ‘I have read the terms and conditions and agree’ -*check the box*
  • Confirm – *check the box*

And it’s done!

But children and adults may not realise exactly what data they have allowed the app to access and share with others. Apps can easily collect personal information and some of them maybe sharing the personal information with third parties, while some redirect the user to a different site, which is not the smartest thing to do in the age of phishing! The most common type of information collected by apps include name, address, phone number and photo, audio or video and some apps even tracking the user’s movements via GPS.

So where do developers get the info?

  • From social media accounts
  • From contact, gallery, media
  • From passwords stored on a website, payment gateway, free sites

A valid concern is that if the developers sell the data to a fraudulent third party or if the site gets hacked, this data will become public. Definitely not something we want to experience for ourselves or even for our kids.

So what should one do?

  • Check the app and read reviews carefully before downloading
  • Read the T&Cs carefully, especially the permission that the app wants
  • Ask around – often friends who have used the app can give good tips
  • Don’t jailbreak phones – it makes them more hackable
  • Use a PIN to secure your phone
  • Refrain from storing important passwords/documents on your phone
  • Always uncheck the ‘save my card details’ box when conducting financial transactions
  • Use a comprehensive mobile security solution

Until next time, remain cautious and read the fine print carefully before giving an app access to data on your device.

Remember, prevention is better than cure which holds ground even more when it’s for your own security and privacy!

About the Author

Cybermum India

Anindita Mishra is McAfee’s Cybermum in India. A Pune-based freelance writer, teacher and devoted mother of two- Anindita has always been a vocal advocate for issues tied to children's welfare and development. Like many Indian parents, Anindita wants to make sure that her children are safe wherever they go, in the real or virtual world. ...

Read more posts from Cybermum India

Subscribe to McAfee Securing Tomorrow Blogs