Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Data Gathering Apps Uncovered on iPhones

BitDefender UK : 19 July, 2012  (Technical Article)
Bitdefender research uncovers iPhone apps that access data and contact information without reason or explicit knowledge from users
Research conducted by Bitdefender has revealed almost one in five iOS apps can access a user’s iPhone Address Book, while some 41 percent can track your location and more than one in three store user data without encrypting it. The study of more than 65,000 apps distributed widely on the Apple App Store revealed tens of thousands tap contact information and access data without explicit user permission.

While many apps clearly use these privileges to function, others have no obvious use for the data they may be collecting, ranging from accessing a user’s phone book to tracking usage. By default, apps on the App Store only ask for permission to access location–related services and not when accessing the Address Book or other functions.

Bitdefender’s analysis included 65,000 of the more popular apps in the App Store and found only 57.5 percent encrypt stored data while the rest do not, potentially placing the user’s data at risk after accessing it.  Some 41.4 percent of the apps analysed can track a user’s location, meaning most iPhone owners are likely to have at least one app on their device capable of knowing where they are.

Location tracking used in contextual ads that display based on a user’s geo-location is highly controversial, yet common. This type of information can be sold to companies, helping them build effective marketing campaigns. Bitdefender’s study did not cover all available apps so the numbers and ratios may change when extrapolated across the whole App Store.

The research also revealed 18.6 percent of the apps can access a user’s Address Book, including all contact details. The only legitimate reason for an app to access the user’s Address Book would be to transfer contacts or merge social media contact details with your on-device phone numbers. It’s unlikely almost a fifth of all apps need Address Book information to function. Chances are high many apps access Address Books without a user’s knowledge.

Bitdefender also found 30.7 percent of the apps analysed can display ads and 16.4 percent can connect to Facebook. Other functions include tracking usage through Flurry analytics, Google Analytics of Mobclix analytics. Some apps use all three analytics software. Hundreds of apps analysed also use an iPhone’s Unique Device Identifier (UDID) which can identify the owner, while hundreds more use background Voice-over-IP, Open Feint usage tracking and more.

“It is worrying stored data encryption on iOS apps is low and location tracking is so prevalent. Without notification of what an app accesses, it is difficult to control what information users give up,” said Catalin Cosoi, Chief Security Researcher at Bitdefender. “We see a worrying landscape of poor user data encryption, prevalent location tracking and silent, unjustified, Address Book access.”

Private data may be used to determine an individual’s behaviour patterns including, but not limited to, profiling for marketing activities. Collection algorithms and patterns are sometimes used to reveal much more, including user identity. There is no publicly accessible database for user education and awareness on these privacy concerns.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo