Exodus and AppCensus—two easy-to-use services that help users learn what permissions an Android app has, as well as what user data it collects.
Most apps collect some information about the user. Sometimes, they really need such data to operate. For example, a navigation app requires your positioning information to build a convenient route for you. Developers often use information about you to monetise or improve their service—with your prior consent. For example, they may collect anonymous statistics to find bottlenecks in their app and understand along what avenue it needs to be developed.
But some developers may abuse your trust by stealthily collecting information unrelated to their app’s functionality and then selling your data to third parties. IT security firm Kaspersky says that fortunately, you can use a couple of services to bring such apps into the open.
The AppCensus service helps you find out what personal data apps collect and where they send it. Basically a website where one can search about the various apps, AppCensus relies on the dynamic analysis method. The app is installed on a real mobile device, granted all the required permissions, and actively used for a certain period of time. All the while, the service keeps an eye on the app to see what data it sends, and to whom, and whether the data is encrypted.
Unlike AppCensus, Exodus Privacy studies apps themselves, not their behaviour. The service analyses the permissions an app requests, and it looks for built-in trackers—third-party modules made to collect information about you and your actions. Developers often equip their apps with trackers provided by advertising networks, which are made to learn as much as possible about you for the purpose of delivering personalised ads. At present, Exodus Privacy (available on Play Store) recognises more than 200 types of such trackers.
Is there any protection against spying?
Kaspersky recommends that you treat mobile apps with caution:
- Do not just install them for no reason. They can spy on you, even if you never use or open them. If you no longer need an app that is already installed, delete it.
- Use AppCensus and Exodus Privacy to scan unfamiliar apps prior to installation. If the result disconcerts you, look for another app.
- Do not necessarily grant apps all of the permissions they ask for. If unclear about why the app would need this or that information, deny access to it.