Risky Permissions: How Much Do Your Apps Know About You?

Mobile apps can be useful and fun, but are they worth the risk?

The average smartphone owner uses about 30 apps each month, but do they check how safe those apps really are?

Typically, people would check the reviews before installing an app, and the general consensus is that the more positive reviews there are, the better. But a lot of 5-star ratings don’t guarantee that these apps are without risks.

A large percentage of apps require permissions before they can be installed, and that puts the users at high risk.

Let’s take a look at some common app permissions that are risky and see how users can protect their private data.

Most Commonly Requested Permissions

Risky permissions are those that allow apps to collect, store, and potentially share personally identifiable information.

Most common, personally identifiable information shared with apps includes:

• Email address
• Username
• Phone number
• Address

Email Address

The email address and username aren’t commonly a guarded secret. But they could expose users to some serious threats if they fall into the wrong hands.

Phishing attacks are gaining momentum, and they no longer look like obvious scam mail. If the downloaded app shares the users’ email addresses and usernames with third parties, they could expose them to dangerous phishing scams. These could lead to stolen accounts, passwords, or credit card information.

Phone Number

Leaked phone numbers allow hackers to use them for sinister purposes. Most people use their phone numbers for a variety of different purposes – from logging into apps and games to using them for two-factor authentication.

With a phone number, a cybercriminal can hijack any existing accounts, reset passwords, and steal more valuable data.

Address

When someone’s physical address is shared with third parties, it exposes them to many dangers. This is not just a matter of cybersecurity, it can even lead to physical harm.

Tracking one’s location can let intruders know when someone’s at home, and when they’re not. This gives them room to plan a burglary or a physical attack.

Deciding Whether to Give the App Certain Permissions

A lot of apps need certain permissions to function properly. Users cannot rely on GPS, for example, if they don’t allow their location to be seen. A flashlight app might need permission to access the device camera so that it can work while someone’s taking pictures.

But does the flashlight app need to know the user’s location in order to function properly? Of course not.

When deciding whether to give apps certain permissions, it’s important to consider whether they are necessary.

46 percent of Android apps and 25 percent of iOS apps seek permission to access the camera, for example. While Instagram would need camera access if the users want to take pictures through the app, this isn’t necessary for a daily horoscope app.

When downloading a new app, it’s best to check which permissions it requires and consider why it needs them. If access to something seems unnecessary, it probably is, so the app is best avoided.

Most apps let users know which data is being collected and where that data is stored. When deciding whether to allow the app certain permissions, a quick look at this information will either assure the users that their data is safe, or it will be a cause for concern.

Safety Tips for Using Smartphone Apps

The best safety tip is to think twice before downloading an app. While they are convenient and better entertaining, downloading them isn’t always worth the risk.

Do Some Research

It does take some extra time to do research before downloading an app, but it’s a must for those concerned about their cybersecurity.

The first step is the most common one – going through the reviews. But even those apps with the best reviews might be hiding certain issues.

Doing a simple Google search of the app’s name, followed by “scam” or “scandal” should give insight into any potential issues caused by the app.

VPN to Encrypt the Connection

An estimated 1.3 billion smartphones have some sort of mobile security software installed. However that’s often not enough to protect a device.

Cybercriminals constantly develop new malicious apps, and antimalware software cannot always catch up with them.

This is where a VPN comes in handy. If a device is infected with malware that’s disguised as an app, a VPN will ensure that nothing can trace the device’s activity. It hides and encrypts the connection to a network, so no outsider can monitor the smartphone and gather private data. Wondering if it is legal? You can read more about it here.

Always checking which permissions an app requires is the first step toward protecting private information. Revoking permissions, doing research, and relying on a VPN can ensure that all data on the device is secured.