Thousands of Android apps fail to protect personal data, say scientists

Millions of Android users are susceptible to having their personal data accessed due to lack of protection, scientists have revealed.

The BBC reports that more than 13,500 Android apps were tested, with nearly eight per cent failing to protect users’ social media login details and even bank account information. 

Though there’s no suggestion that the apps themselves are using this security breach for improper means, personal data could be accessed by a “man-in-the-middle” as information is passed between devices and websites linked to the apps. 

The apps tested, though unnamed, are said to be some of the most popular found in the Google Play store - some of them downloaded millions of times. 

The scientists, from the Leibniz University in Hanover, Germany, set up a fake Wi-Fi hotspot and used a form of malware to spy on data sent from the app.

The group was able to capture login details for banks, email accounts and social media sites, disable security programs and implement codes that made apps carry out specific commands.

According to the researchers, the majority of Android users would be completely unaware that their data had been accessed. 

Google has so far yet to comment on the report.

UPDATE Although Google has not released an official statement about the research, Pocket-lint has learnt from its own sources that similar results could be garnered from looking at applications on other platforms and, even, desktop operating systems.

Obviously this is a concern, but seemingly not one unique to Android.



>