techaeris.com
A new Georgia Tech study has found that in app ads are leaking users personal data to the developers of the mobile app itself. This could potentially give data miners a way to mine personal information by simply developing a free app with in app ads. Georgia Tech conducted the study on 200 users using a custom-built Android app and testing the Google Ad network. Due to “leakage” between the ad network and the app developers software, the app developer could gain access to personal data.
Researchers
found that 73 percent of ad impressions for 92 percent of users are correctly
aligned with their demographic profiles. Researchers also found that, based on
ads shown, a mobile app developer could learn a user’s:
- gender
with 75 percent accuracy,
- parental status with 66 percent
accuracy,
- age group with 54 percent
accuracy, and
- could also predict income,
political affiliation, marital status, with higher accuracy than random
guesses.
On desktop advertising is protected by the Same Origin Policy but according to Georgia Tech the same rules do not apply to mobile app developers.
“People use
their smartphones now for online dating, banking, and social media every day,”
said Wenke Lee, professor of computer science and co-director of the Institute
for Information Security & Privacy at Georgia Tech. “Mobile devices are
intimate to users, so safeguarding personal information from malicious parties
is more important than ever.”
Georgia Tech has contacted Google about the mobile in app ad leakage issue and has given the company its research and findings.
“Free smart
phone apps are not really free,” says Wei Meng, lead researcher and a graduate
student studying computer science. “Apps — especially malicious apps — can be
used to collect potentially sensitive information about someone simply by
hosting ads in the app and observing what is received by a user. Mobile,
personalized in-app ads absolutely present a new privacy threat.”
No comments:
Post a Comment