
Popular Android apps track users and violate Google's policies

20 Feb 2019

Most Android devices come bundled with Android’s Advertising ID, which is something of an older piece of data collection software that could track a device’s Android ID, IMEI number, MAC address, and even the SIM card’s serial number.

While many Android users may not be aware that it exists, app developers and third parties are definitely aware – and they’re using that information in ways that people may not be happy about.

Android’s Advertising ID is a way of controlling a ‘persistent identifier’, or something that identifies a user and their device, explains AppCensus.

Developers and third parties can use those persistent identifiers to profile users as part of behavioural tracking, where they show ads based on your behaviours and your interests.

Web browser cookies work in much the same manner – and you can easily clear those cookies. But with Android (and iOS) persistent identifiers, the process is much more difficult.

Android Advertising ID was supposed to limit ad tracking from persistent identifiers, but according to AppCensus and security firm Sophos, thousands of apps are ignoring Android’s privacy-preserving policies.

As of September 2018, AppCensus’ app database picked up 24,000 apps that transmitted a user’s advertising ID. 17,000 apps also transmitted an ad ID alongside other persistent identifiers.

This is in direct violation of Google Play Store’s policy, which states that, "The advertising identifier must not be connected to personally-identifiable information or associated with any persistent device identifier (for example: SSAID, MAC address, IMEI, etc.) without explicit consent of the user."
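The co-transmission that the policy prohibits can be checked for in traffic captured from a test device. The sketch below is an added example, not AppCensus' tooling or code from the article: it searches each captured request for the device's known identifiers, including hashed forms, and reports flows where the ad ID travels with a persistent identifier. The device values, package names, hosts and the set of encodings are all constructed assumptions.

```python
import hashlib
from urllib.parse import unquote_plus

# Constructed identifiers for a test device (sample values, not from the article).
DEVICE = {
    "ad_id": "38400000-8cf0-11bd-b23e-10b96e40000d",
    "android_id": "0123456789abcdef",
    "imei": "490154203237518",
    "mac": "02:00:00:ab:cd:ef",
}

def encodings(value):
    """Forms an identifier may take on the wire: raw, separators stripped,
    and MD5/SHA-1 of either (an assumed, non-exhaustive set)."""
    forms = {value.lower(), value.lower().replace("-", "").replace(":", "")}
    for v in list(forms):
        forms.add(hashlib.md5(v.encode()).hexdigest())
        forms.add(hashlib.sha1(v.encode()).hexdigest())
    return forms

def identifiers_in(payload, device=DEVICE):
    """Names of the device identifiers present in one request payload."""
    text = unquote_plus(payload).lower()
    return {name for name, value in device.items()
            if any(form in text for form in encodings(value))}

def co_transmissions(flows, device=DEVICE):
    """Flows where the ad ID is sent together with a persistent identifier."""
    hits = []
    for app, host, payload in flows:
        found = identifiers_in(payload, device)
        persistent = sorted(found - {"ad_id"})
        if "ad_id" in found and persistent:
            hits.append((app, host, persistent))
    return hits

# Constructed captures: (app package, destination host, request body).
IMEI_MD5 = hashlib.md5(DEVICE["imei"].encode()).hexdigest()
FLOWS = [
    ("com.example.game", "ads.example.net",
     "gaid=38400000-8cf0-11bd-b23e-10b96e40000d&aid=0123456789abcdef"),
    ("com.example.news", "ads.example.net",
     "gaid=38400000-8cf0-11bd-b23e-10b96e40000d&lang=en"),
    ("com.example.tool", "track.example.org",
     '{"adid":"38400000-8CF0-11BD-B23E-10B96E40000D","h":"%s"}' % IMEI_MD5),
]

if __name__ == "__main__":
    for hit in co_transmissions(FLOWS):
        print(hit)
```

Sending the ad ID on its own, as the second constructed flow does, is not flagged; only the pairing with an Android ID, IMEI or MAC address is.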

“Based on the data recipients of some of the most popular offenders, these are clearly being used for advertising purposes,” writes AppCensus.

In many cases, those apps have millions – if not billions – of users. Some of the offending apps include:

  • Clean Master – Antivirus, Cleaner & Booster (1 billion users) – transmits Ad ID and Android ID
  • Subway Surfers (1 billion users) – transmits Ad ID and Android ID
  • Flipboard: News For Our Time (500 million users) – transmits Ad ID and Android ID
  • My Talking Tom (500 million users) – transmits Ad ID and Android ID
  • Temple Run 2 (500 million users) – transmits Ad ID and Android ID
  • 3D Bowling (100 million users) – transmits Ad ID, Android ID and device IMEI
  • 8 Ball Pool (100 million users) – transmits Ad ID and Android ID
  • Agar.io (100 million users) – transmits Ad ID and Android ID
  • Angry Birds Classic (100 million users) – transmits Android ID
  • Audiobooks from Audible (100 million users) – transmits Ad ID and Android ID
  • Azar (100 million users) – transmits Ad ID and Android ID
  • B612 – Beauty & Filter Camera (100 million users) – transmits Ad ID and Android ID
  • Banana Kong (100 million users) – transmits Ad ID and Android ID
  • Battery Doctor – Battery Life Saver & Battery Cooler (100 million users) – transmits Ad ID, Android ID and device IMEI
  • BeautyPlus – Easy Photo Editor & Selfie Camera (100 million users) – transmits Ad ID and Android ID
  • Bus Rush (100 million users) – transmits Ad ID and Android ID
  • CamScanner – Phone PDF Creator (100 million users) – transmits Ad ID, Android ID and device IMEI
  • Cheetah Keyboard – Emoji & Stickers Keyboard (100 million users) – transmits Ad ID and Android ID
  • Cooking Fever (100 million users) – transmits Ad ID and Android ID
  • Cut The Rope Full FREE (100 million users) – transmits Ad ID and Android ID

Google has reportedly taken action against some of the violators.
