Blog / Bon App-étit! – Beware of Appealing Applications!
Everyone with a smart phone is familiar with a Mobile App (Application) Store. Google Play, Galaxy Apps, and Apple App Store are the most popular of the lot. Then you have LG SmartWorld, Huawei App Store, Sony Apps, Amazon Appstore, and on the options go. That doesn’t even include third-party App stores, which are like Apps-within-Apps. There is no shortage of Social Media, lifestyle, games, news, and entertainment apps available to integrate into your daily life. In turn, it is widely accepted that we are allowing some of our own information to be visible, once we allow an application to be downloaded onto our device.
Both Google Play and the Apple Appstore house over 2 million applications each. Many of the Apps available are “Official Apps.” Apps like Facebook, Instagram, Pokémon GO, and Spotify are all Official Applications. They are created in-house by their respective companies and designed specifically for each Operating System. These mainstream Apps are generally safe and cause no harm. They are widely marketed and have millions of users around the world.
“Third-party” Apps are what the user needs to worry about. Third-party Apps are generally created by individuals who follow a simple process of launching their Apps on the store. Third-party Apps will usually be presented as one of two things:
An add-on or enhancement to an Application you already have – E.G.: The popular “See Who is Looking at My Profile” type-of Apps. They are advertised as an enhancement to your Facebook, but not developed or marketed by Facebook.
An alternate option to a more prominent or expensive App – E.G.: NordVPN (a highly-rated and used Virtual Private Network [VPN] service) may cost more than the average user is willing to spend. There are dozens of other 3rd party VPN services that will appear on your App store, if you search “VPN.” After scrolling through a page or two of the professionally-developed and supported offerings, you will start to see random options from boutique vendors listed by their first names and operating from locations all over the world. They come and go frequently. They may even look like direct imitations of the primary Apps that require a payment or subscription.
“What is the problem?”, you may be asking. With independent vendors, you never really know who you are giving your information to and what they are going to do with it.
Here is a brief scenario for you to think about, before continuing to download what you think is just a harmless tool:
Each Application you download must come from somewhere. It is the same concept of “the Cloud.” It must come from a physical location, a host-server. It is going to be somewhere in the world, and some servers are going to be more secure than others. You can be confident that an Application like “Instagram” likely has the proper Security Protocols in place. But something like a “See Who is Looking at My Profile” App, might be coming from an unsecured server located in the vendor’s basement in Kazakhstan. What happens when that host server is compromised or hacked?
All the unlucky customers who downloaded this App, just had their information stolen and is now potentially being sold over the Internet. Alternatively, maybe this Application was nefarious to begin with, and so your most private details are now in the hands of multiple ill-intended people.
Mobile Applications can be equally harmless and dangerous. Once downloaded and given permission to install, you might grant full access to your private information to someone sitting in their basement in a remote part of the world.
As far-fetched as it sounds, it’s not an uncommon occurrence.
How can you protect yourself?
Simple; do some basic research:
Read the App Description – Does it perform the intended function without extraneous features? Extra features usually mean more information-gathering.
Read the Reviews – Dig into reviews beyond “the Top 5” in the list, paying careful attention to instability or information loss comments.
Read the App Policy – Do they describe information Security Protocols?
Perform a Web Search – A web search might expose some independent comments about the reliability and history of the vendor.
Check for grammatical and spelling errors – A sure sign of a suspect App is poorly-written descriptions and documentation; they don’t even bother to use spell-check.
It is not a difficult process to get one of your Applications on an App store. Use these quick tips to ensure you really know who-and-what you are allowing to access your data.
If you have any questions about Mobile App Selection, you can reach out to your TRINUS Account Manager for stress-free IT.