The Computer Emergency Response Team KZ-CERT reports an increase in the number of mobile applications in order to obtain personal information of its users.
The user using the application agrees to grant access to their personal data to the company that manages this application. For example, information about a specific user: location, phone number, information about all the actions in the application that he makes. Also, the application can access the list of contacts, messages, photos, videos and other information.
Developers of applications such as Pootin, GetContact, Who called me, whose number? And Who called, how am I recorded? Request access to the phone book and thereby increase the risk of identity theft of users.
With the advent of social networks, users are also interested in what kind of data are recorded by social platforms, where all their confidential information is stored and how much it is protected from third parties.
Consider this issue on the example of the social network Facebook, which confirmed the fact of scanning personal messages of its users. Representatives of the social network clarified that messages sent via Facebook Messenger are checked for offensive and illegal content.
According to the representative of the company, the images sent by the interlocutors to the chat are scanned, which allows you to quickly identify and respond to illegal content, for example, this applies to photographs showing the exploitation of children. Also, the text of messages is scanned, so Facebook fights against unacceptable and offensive behavior on its platform.
The information collected by this social network can contain your family photos, places you visited, messages that reflect your political ideology, search queries that you entered on Facebook pages and much more.
How to choose the right application
First, review several applications and compare:
The more downloads and the higher the score, the less chance there will be of trouble.
If the application has icons "Editor's Choice" and "Best Developer", this is an extra plus - the name speaks for itself.
Immediately it is worth noting applications with a small number of downloads, poor ratings and descriptions in broken Russian - most likely they are substandard.
Why Permissions Are Needed
Permissions are the actions that an application can perform after installation.
Most of the permissions are serious enough, so review the list carefully and think whether you trust the authors and are ready to resolve these actions? Often, developers ask for redundant access:
The flashlight should only have access to the camera to turn on the flash, and this app still wants to know your location, look at photos, turn on the microphone and check the Internet connection;
a simple notepad does not require any special permissions, but its analogue, which wants to view contacts, locate, access contacts, files and view phone numbers;
The KZ-CERT service recommends that you pay close attention to what the application wants to get and understand what it's for.
The same notes can request access to the Internet to sync with the account or the flashlight also has a compass, so it requests access to the sensors of the device.
But it may also be that at first sight an innocent calculator will write off all the money from the SIM card, because he was given access to SMS, or steals personal photos, because he was given access to the Internet and to files.