When was the last time you read and understood the fine print accompanying an app you intend to download and install on your smartphone or tablet? Most people don’t read terms of use and privacy policies, let alone worry about the possibility of their personal information being sold and shared by software developers.
Downloading and installing mobile apps–both free and paid ones–comes with risks. And in the age of Big Data, even the most trivial personal information can be aggregated, segmented, and analyzed to deduce, say, the user’s preferences and interests, making behavioral advertising and geo-targeting easy to carry out.
What Are the Risks of Mobile Apps?
Apple and Google normally vet the apps being offered in their stores. These companies check for viruses or any malicious behavior. However, the ads in the mobile apps can hold security threats. A streaming ad, for example, can link to a malicious site or deliver malware to your mobile device. In addition, some apps have inherent vulnerabilities that can place your mobile device at risk for hacking.
Appthority’s Winter 2014 App Reputation Report studied 400 mobile apps based on the two most commonly used platforms, Android and iOS. Across both mobile platforms, 70 percent of the free apps enable the tracking of a user’s location. 56 percent detect the user’s ID, while 31 percent access a user’s address book or contact list. 53 percent of the free apps share their data with ad networks, while 51 percent have in-app purchasing functionality, which can have potentially costly repercussions. For instance, if your kid plays with a gaming app on your mobile device and there is in-app purchasing, you can end up paying for virtual goods each time your kid clicks the Buy button in an attempt to level up. Paid apps are also inherently risky, according to the recent report from Appthority. 80 percent of the top paid mobile apps were discovered to show at least one of the risky behaviors mentioned earlier.
In some cases, the collection and tracking of user data are vital for the mobile app’s operation. However, many app developers gather more user data than necessary. They may also share the data with third parties.
A corporate blog post by Lianne Caetano at the McAfee Blog offered some disturbing statistics regarding apps. McAfee researchers studied apps and uncovered that 82 percent detect the user’s ID, 64 percent identify the wireless carrier, 59 percent track the user’s last known location, 55 percent constantly track the user’s location, and 26 percent read the apps being run by the user.
How Can You Avoid the Dangers of Using Mobile Apps?
Be cautious and knowledgeable. Download only from reputable app stores, and choose apps that have high ratings and lots of downloads. Stick to official app stores and shun file-sharing sites. If an app is created by a company you’re not familiar with, search the web for information about the app and its developer.
Mind the permissions the app is asking upon downloading and installing. Software developers usually ask for more permissions than they need to run the app because they may envision needing those when incorporating new features in the future. Some apps also have ambiguously worded privacy policies when disclosing the use of your personal data, while some apps don’t come with any privacy policy at all.
Do you want to grant permission for the app to track your geographical data? Does the app really need to access your contact list and emails or to be given the ability to deploy text messages and listen to your calls through the device’s microphone? Do you want the mobile app you use for your note-taking keep a copy of what you’ve written in its servers? It pays to be discerning. So, read and understand the fine print. At the very least, be aware of what data you are signing away to app developers.
