Indium Blog

What Are Your Apps Doing Behind The Scenes?

Posted On: July 18th, 2016 | Tags: Cybersecurity PokémonGo Technology

Category:
  • 2016 College Interns

    •

    Hello Everyone,

                    PokémonGo is an iOS as well as an Android application that has taken the world by storm. The object of the game is to search for Pokémon characters anywhere you travel and to catch them using Pokéballs. The first task is to create a Pokémon trainer which is used as your very own avatar. The application tracks the Pokémon in the users select location and the user gets notified when a Pokémon is in the area. When Pokémon are captured the goal is to power them up and evolve them to prepare them to battle in the gym. The game uses Google maps to identify the local surroundings. Google maps and the PokémonGo application randomly select locations and they become Pokémon gyms and Pokéstops. As I stated the gym is where users can battle, earn Pokécoins to buy items and upgrades, and also level up. The user cannot battle in the gym until they reach level five. Leveling up consists of capturing Pokémon, as well as battling. Pokéstops are also randomly selected areas where you can physically travel to and receive items as gifts. Every location in the game has to be physically traveled to such as the Pokémon gyms and Pokéstops, and the game will do the rest.

                    A problem that had occurred with this new application (created by Niantic) the security risks. When a user signs up for the game they are asked to sign up using Google. When signing up the user enters their Gmail address and their Gmail password. A prompt then appears telling the user what the developer will have access to. Most people do not realize it, but the terms they agreed to when signing up give Niantic full access to the user’s Gmail account. According to theverge.com PokémonGo for iOS has just been updated to version 1.0.1, with developer Niantic Labs promising improved stability, crash fixes, and a less intrusive grip on Google account permissions”. Currently, PokémonGo offers a version 1.0.2 in the app store. The latest updates have fixed the security risks involving the extreme Google account permissions. Now (latest update as of this writing), when a user signs up for PokémonGo, a prompt appears stating that PokémonGo would like to know who you are on Google and view your email address.

                    There are many applications that require users to give access to email, photos, contacts, and much more personal information. The objective of this post is to give technology users an idea of how important it is to read what you are giving these applications access to. It is extremely important to keep your information secure because if it gets in the wrong hands there can be harsh consequences. I use PokémonGo as an example because this is one of many current security threats. But, many other applications pose security threats to users. Facebook, Instagram, and Twitter are three social media networks that always ask for access to things such as your camera and photos - if a user wants to post a photo. Many photos and videos now are tagged with locations which also pose a threat and security risk. Although these social media networks may secure your information, there are many applications within the Apple app store or Google play store that may not. With technology evolving on a day-to-day basis this will only get more difficult. It is important to know that all of these random applications that are downloaded are not all safe. So when it comes down to an application possibly being a security risk, ask yourself, "Do I really need this?"

    I wish you all the best,

    Matthew D. Haddad