12/28/2017 / By Rita Winters
Free apps come with a price. More often than not, free app developers request permission upon download to access a smartphone’s user data to monetize advertisements within the app. An Android and iOS on-screen keyboard app called AI.type recently failed to secure their user database server with a password, allowing anyone to access 577 gigabytes of sensitive data. According to security researchers at the Kromtech Security Center, the server contained information on 31,293,959 AI.type users.
AI.type differs from other keyboard apps since it can be customized and personalized, and has a text prediction system that functions well. However, researchers found that AI.type users must allow the app to access all of their data on their smartphones fully. These include phonebook contents, search history, keyboard logs, location history, and other private information. Bob Diachenko, head of communications at Kromtech, says that these are the contents of the information database server that was recently compromised. Eitan Fitursi, the owner of the information database server, acknowledged the compromise and secured the server, but only after Kromtech made several attempts at contacting him.
A breach in security like this presents a real danger for the billions of users of free apps. Many criminals online take advantage of this information to scam people and to commit fraudulence. Over 2.32 billion people around the world have smartphones as of 2017, and the number is growing yearly. These people use their gadgets as their “store-all” – a safe for their passwords, credit information, and what not. Some even use their smartphones for work, compromising the privacy of companies.
It’s difficult to avoid using free apps, especially if the apps you use are useful in your everyday life. But how do you protect yourself from events such as the recent security breach above? Here’s a list of things to keep in mind before downloading an app:
Stay up-to-date and in the loop on tech and security news by visiting Cyberwar.news.