Free apps come with a price. More often than not, free app developers request permission upon download to access a smartphone's user data to monetize advertisements within the app. An Android and iOS on-screen keyboard app called AI.type recently failed to secure their user database server with a password, allowing anyone to access 577 gigabytes of sensitive data. According to security researchers at the Kromtech Security Center, the server contained information on 31,293,959 AI.type users.
AI.type differs from other keyboard apps since it can be customized and personalized, and has a text prediction system that functions well. However, researchers found that AI.type users must allow the app to access all of their data on their smartphones fully. These include phonebook contents, search history, keyboard logs, location history, and other private information. Bob Diachenko, head of communications at Kromtech, says that these are the contents of the information database server that was recently compromised. Eitan Fitursi, the owner of the information database server, acknowledged the compromise and secured the server, but only after Kromtech made several attempts at contacting him.
A breach in security like this presents a real danger for the billions of users of free apps. Many criminals online take advantage of this information to scam people and to commit fraudulence. Over 2.32 billion people around the world have smartphones as of 2017, and the number is growing yearly. These people use their gadgets as their “store-all” - a safe for their passwords, credit information, and what not. Some even use their smartphones for work, compromising the privacy of companies.
It's difficult to avoid using free apps, especially if the apps you use are useful in your everyday life. But how do you protect yourself from events such as the recent security breach above? Here's a list of things to keep in mind before downloading an app:
Keep track of information the traditional way – Always keep your passwords, credit information, and other sensitive data away from the online world. Free apps or not, many hackers can virtually enter your smartphones and collect data without your knowledge. If you're looking to download a bunch of free apps, make sure you do not have any sensitive information on your phone.
Avoid downloading suspicious-looking apps – Before you even download an app, the page on the store will have a section for user reviews and comments. Make sure to browse through these to get a grasp on what it is you'll be installing on your phone. Many apps may look innocent, but a further look at it using online reviews, screenshots, and comments may prove otherwise.
Be a detective and do some background research – Not all good reviews mean that an app is good. There are people being paid to write good reviews about an app, and it's more common than you think. Open up your favorite browser and search for the developer name or the company name (which is usually indicated on the app's store page), and check for any discrepancies, especially in security.
Make sure you trust the app before you even download it – Before hitting that “download” button, make sure you need the app, and it's not just your impulsive side taking hold of you. Most of these apps, especially the free ones, require full access to your phone's data. App developers need your data to customize advertisements in the app to be able to earn from it.
Stay up-to-date and in the loop on tech and security news by visiting Cyberwar.news.