Security researchers are warning users over the increasingly intrusive nature of mobile apps, with a new study from Romanian firm Bitdefender highlighting the vulnerability of data on app-heavy Android devices.
Most applications require a certain amount of user information to be downloaded, while others require deeper levels of integration in a device to be able to function, but aggressive advertising and the involvement of third party organisations is seeing more and more data harvested without permission from the user.
Having analysed some 130,000 popular free Android apps, Bitdefender said advertisers breaching user privacy was a growing concern. Some 12.87 per cent of applications in the study were found to collect and broadcast phone numbers without offering explicit notification, leaving Android users unaware of their contact details being circulated among third parties.
The report also found that 12.03 per cent of apps distributed location data to other sources, and 7.72 per cent shared users’ personal email addresses. 6.07 per cent accessed the device’s browsing history, and Bitdefender even found incidences where the users’ photographs were reached by the app.
“The thin line between aggressive advertisers and malware is getting blurrier,” said Catalin Cosoi, Chief Security Strategist at Bitdefender. “While malware may steal passwords and other credentials, aggressive advertisers may collect everything else. Although violating user privacy raises serious concerns, the risk of having collected data used for malicious purposes is greater than most people imagine.”
Many experts now regard the invasion of privacy as the chief security issue in mobile. It was a sentiment expressed by Team Cymru’s Steve Santorelli in our recent analysis of mobile security, with the researcher saying the biggest dangers were not currently from “out and out malware,” but rather apps that do “things with your data in excess of what they should be doing.”
Bitdefender's research on the issues surrounding Android apps corresponds to the wider belief that Google's OS presents more dangers than Apple's mobile platform, but a report last month from mobile analysts Appthority went against the grain and found that apps on iOS actually exhibited "more risky behaviours" than Android.