Without the proper patch, app vulnerability could lead to Android users having their personal data exposed by attackers. This is because of a critical flaw that has been exposed in Android devices that are running Android 9.0 and older. This means that up to 90 percent of Android users could be susceptible. If cyber criminals exploit this security hole, hijackers can steal a victim's sensitive data.
Thankfully, there have not been reports of malware that exploit this vulnerability being used by cyber criminals. Android released a patch in April 2020 for Android users who have Android version 8.0 and 8.1. An additional patch for Android 9.0 was released shortly thereafter.
The thought of having sensitive data released through an app should be enough to give most app users pause. This is because of the amount of information we store and transmit via our apps.
Just think how everyday millions of people in the US and UK are turning to stock trading platforms to make money and supplement their income. These individuals are trusting their financial present and future to the information they transmit and store on these apps. Having that data compromised could literally put their financial future in jeopardy.
In 2017, FaceApp was released. During the summer of 2019, this app, which showed people what they would look like if they were older, went viral. In just a few weeks they added 12 million new users. You could not go on social media without seeing your friends putting up their photographs of them looking aged and wrinkled. The app proved to be quite entertaining.
When users accepted the terms and agreements of FaceApp, they were giving the publisher the right to reproduce, adapt, and publish the name or likeness provided. It shocked users when they realized that the company behind FaceApp was based in St. Petersburg, Russia. There was a legitimate fear among many that key sensitive personal data had been handed over for a funny-looking selfie.
This is just one example that shows the catch-22 of allowing apps to access your sensitive data but wanting to maintain privacy. Many apps request permission to access your camera, location, microphone, and files. This is all the sensitive information gathered on your device.
Interestingly, while many people believed that FaceApp was stealing personal information, the truth is that users voluntarily gave it away. Most users fail to understand who is behind the creation of the apps that they use. They don't understand what these app creators can do with personal data, so they voluntarily grant access to data to apps that don't legitimately need access. This opens people up to be victims of data abuse, scams, and hackers.
Cyberattack scenarios are extremely dangerous with apps that collect sensitive data such as health information, location, contacts, or finance-related apps – such as stock trading apps Robinhood, Acorns, and Stash – online banking apps, online shopping apps, basically anything that has your financial information such as credit card number. It's important to enable two-factor authentication and create strong passwords to avoid any inconvenience. However it won't be useful without checking the permissions you're giving before you accept terms and conditions – some apps are specifically designed to steal your data.
When you use any app, privacy should be first and foremost on your mind. Most apps will publish their privacy policy. Unfortunately, users don't always read this policy but simply click "accept" because they want to use the latest app.
This complacency is dangerous. App users should feel uncomfortable about having apps access private information on their devices.
It is not wrong to use a free app. However, users need to understand that the makers of free apps, like every other app maker out there, want to make a profit. If they cannot make money by charging you for the app, they will look at alternative ways of making money. As a user, you are usually trading privacy and data for the use of a free app or service. The same is true with free social media tools and web browsers. They make their money by mining user data and selling the information to advertisers.
You should be concerned about what companies are doing with your data. It does not matter if they are scrupulous or nefarious. They will sell your data for advertising. They might target you for political advertising. Worst-case scenario, nefarious organizations will use your information to perpetrate identity fraud, financial hacking, or even some form of espionage for the organization you work for.
There is no telling where your data can end up. For example, your data could fall into the hands of companies that provide information for background searches. It's easy to imagine the damage that could be caused if private information on your cell phone fell into the hands of a would-be employer or landlord. When you grant access, you are putting yourself and your information at risk.
Many argue that app developers should be more responsible for ensuring that user's private information is protected. However, app developers are not in the business of privacy. They want to make money.
Sometimes, maintaining user privacy and making a profit go together. For example, financial apps and apps that have access to banking accounts such as payment solutions, Social Security numbers, etc. usually benefit if users feel confident that their private data is being protected. Apps that have financial data are prime targets for hackers. And these app developers realize that if their apps get hacked or if their user's private information is disclosed, they will lose clients and money and may face legal action. In these cases what is in the best interests of the end-user as far as privacy is concerned is in the best interests of the app designer.
However, app designers in other fields are not taking encryption and other forms of security as seriously as many believe they should. Many believe that app stores, like Apple App Store and Google Play Store, should be stricter in enforcing security standards, especially for apps that have access to sensitive data.
At the end of the day, it is the user's responsibility to be serious about protecting their data. You should see your data as if it were the same as your net worth. For many businesses, your data is worth its weight in gold.
Take the time to read user agreements before you download an app. Understand permissions before you say yes. Read the fine print. And look at reviews of others who have used the same software. All of this can help you protect yourself from apps that could potentially exploit your data.
Join our WhatsApp Channel to get the latest news, exclusives and videos on WhatsApp
_____________
Disclaimer: Analytics Insight does not provide financial advice or guidance. Also note that the cryptocurrencies mentioned/listed on the website could potentially be scams, i.e. designed to induce you to invest financial resources that may be lost forever and not be recoverable once investments are made. You are responsible for conducting your own research (DYOR) before making any investments. Read more here.