Pokémon GO … Ahead and Collect My Personal Data: Top Apps That Put Data at Risk

September 2016: Your favorite apps may be super useful and super fun, but are they also super risky?

Some are! And not just the apps that you’d suspect in the first place. Pokémon GO, for example, gave its developers full access to some users’ Google accounts. This included the ability to change, copy and delete files — yikes. It’s the latest in a long list of popular but risky apps. Is your favorite app on the Top 10 risky app list?

What’s up with Pokémon GO?
The game that became an instant worldwide sensation in July allowed developers root level access to the Google accounts of people who signed up through Google on their iPhones or iPads. This is the highest level of access there is. It probably wasn’t on purpose — who needs that kind of PR? — and it has been corrected. But it’s a great big red-flag reminder that just because something is popular, it doesn’t make it safe. Pokémon GO users hit nearly 45 million at its peak (it has since declined).

Privacy policies are often written to grant the developer the widest possible latitude and can include language that gives it full ownership over anything you’ve given it permission to collect, including your personal data. The Pokémon GO app privacy policy, for example, states that any personal data collected about you is a business asset that belongs to the game. Yes, you read that right.

Cleaning up your Google permissions
If you signed up Pokémon GO via Google on your Apple device, log into your Google Account and click this link to remove access. And while you’re there, double-check the other apps you’ve given access to — do you still want them to have access?

Now would also be a great time to do Google’s privacy checkup. The company recently updated its policies and you may have allowed new permissions without realizing it. Go here while logged into your account to do the checkup.

Apps that mine your data on purpose
Some criminals are also savvy app developers. They do their best to try to trick you into giving them access to data or letting them control your device. They have all kinds of reasons for wanting to get inside your phone — to find something to sell, send scam texts or emails, use your camera or microphone, install malware and apps without your knowledge, and do other things that can make your device theirs.

These scammers are also good at creating evil-twin apps that look and behave like the app you really wanted to download, complete with knock-off logo. Whole families of apps are created for this purpose.

Top 10 banned apps
Some apps are so risky that companies ban them from devices that can access business data. A report by CloudLock called The Explosion of Apps: 27% are Risky analyzed anonymous usage data from more than 150,000 apps and 10 million users to develop (among other things) its Top 10 Banned Apps list.

If you use any of these apps on your mobile device, you could be unknowingly allowing them to root your personal data. We renamed the most popular ones for fun:

  • WhatsApp Inside Your Phone?
  • Pinteresting Stuff You’ve got In This Phone
  • Zoho-ho It’s Funny How Much Data We Can Collect
  • Airbnb Your Data To Complete Strangers
  • SoundCloud Your Private Info Along With Your Music

The others on the Top 10 list include Sunrise Calendar, Power Tools, FreeRider HD, Madden NFL Mobile, and CodeCombat.

There are many, many more banned apps. Thousands, in fact. About half of ALL available third-party apps have been banned by many enterprises. CloudLock researchers found that there were “22% more breaches [via apps] from January to May of 2016 than during the same time period in 2015,” which explains the bans.

Leapfrog is committed to keeping private data private. Whether it’s the data on your smartphone or the data in one of our ultra-secure data centers, we help you keep what’s yours so you can hop along your merry way.

You may also be interested in:
 

 

Discover Leapfrog’s NEW virtual CxO services. Let us help you meet your business growth objectives!