March 20, 2012- Apps that are Android smartphone compatible ask for permission to access user’s personal information, transmit data over the internet and track the location of the user. However, once the apps have received approval they are able to shares all the permissions with any and all of the advertisers they want. This could create a potentially serious security and privacy problem researchers said.
Researchers from North Carolina State combed through over 100,000 apps that were selected at random. They found that over 48,100 of the ad libraries that these apps used tracked the location of the user via GPS. They also found that over 18, 575 tracked the phone’s identity or its IMEI number. Nearly 5,000 allowed advertisers to use a GPS to track users and over 4,000 accessed the phone number of the device.
There are many of these ad libraries in existence that generate onscreen ads via associated apps. An app maker received a fee, when the ad is clicked on. A professor from NC State said one such library known as energysource, used an insecure method to load code via the internet. However, malicious behavior was not detected from the app. Nevertheless, they said it posed a security risk by allowing code to download on the go.
This latest research is just more evidence of the existence of gaping holes in the privacy and security of smartphones.