According to a recent study conducted by researchers from the International Computer Science Institute (ICSI), more than 1325 Android apps are breaching data that is available on the phone even after the users deny access permission to them. The research detailed at how a number of Play Store apps are able to ignore the user’s permissions in order to access and share data available on your smartphone. The data that these apps have access to include your location history.
There are some pretty popular apps that are on the list too including the Shutterfly app. Baidu was also there collecting data through its mapping service which means that apps like the Hong Kong Disneyland app, which use Baidu’s mapping service, have been collecting data without permission. Other popular apps like the Samsung Health and Samsung Browser app also used Baidu back-end and collected data, resulting in other Baidu apps being able to read that data.’
However, there are fixes coming soon for some of these issues in Android Q, according to the researchers, who say that they have notified Google about the vulnerabilities last September. Yet, this may not help the many current-generation Android phones that won’t be getting the Android Q update. (As of May, only 10.4 percent of Android devices had the latest Android P installed, and over 60 percent were still running on the nearly three-year-old Android N.)
While the tech giants like Google and Apple are working hard to improve their privacy setting, as in to avoid unnecessary breach and sharing of data, the new study has made it harder for Android users to put their trust upon a number of apps. The study was presented by Serge Egelman, director of usable security and privacy research at the ICSI, in late June at the Federal Trade Commission’s PrivacyCon. The researchers have also been awarded at the Usenix Security Conference for their work towards highlighting the issues in Android apps.