British Virgin Islands-based VPN service ExpressVPN Digital Security Lab has released a new report revealing the importance of location SDKs in dating apps.
Your online privacy becomes an issue as apps and corporate websites follow you without your permission and target you because of the information you provide online. But the importance of questionable location trackers proliferates among the dating apps you use.
Location data is commonly harvested from your smartphone. It can enrich user profiles and provide insight into user behavior through intimate details of a user’s movements. Data collected by location and proximity sensors could end up in the hands of law enforcement, intelligence agencies and the military organizations. This huge amount of data on the movements of populations can threaten the privacy of ordinary people around the world with potential human rights issues.
ExpressVPN Digital Security Lab worked with Esther Onfroy from Defensive Laboratory Agency and used the application scanner provided by Exodus Confidentiality to analyze 450 apps among messaging, gaming, social and shopping apps used by everyday consumers.
He used a combination of automated tools and manual analysis to determine if there are “signatures” or credentials for a tracker in the code of an application, gathering other interesting information such as Network endpoints with which the application can communicate.
To do this, it downloaded and unzipped each application installer, disassembled machine language into human-readable source code, searched the source code for tracker signatures and other identifiers, and correlated its results with web databases, public information and app stores.
He found that all the apps he analyzed contained questionable trackers. Together, these apps have been downloaded at least 1.7 billion times by consumers around the world.
He identified 64 dating apps that have been downloaded at least 52 million times around the world. These location trackers are associated with several companies such as X mode (subject to a ban by Apple and Google), OneAudience, and Predicio, among others, who have been arrested on several occasions for violation of privacy.
X mode appeared in 44% (199) of the 450 applications analyzed. Despite the ban, only 10% of these apps have been removed from Google Play.
These dating apps remain available for massive download at the end of January 2021 from the Google Play Store and specifically target a range of sexual orientations and dating preferences, as well as a wide range of national, ethnic and racial groups.
These include apps such as Jack’d – Gay Chat & Dating (five million downloads), FEM – Free Lesbian Dating App, Chat and Meet Singles (one million downloads), Encore – Single Parents and Divorced Dating and Chat (500,000 downloads), Black Dating – Meet Black Singles Online Nearby (100,000 downloads) and Asian Mingle – Free Asian Dating & Singles Chat (100,000 downloads).
They also cover more generic dating apps like Mingle2, which claims to have more 39 million members.
The privacy of consumers is increasingly threatened. When you download an app, you cannot take advantage of privacy-protecting research like Xayn, you are at the mercy of the application. Many apps won’t work without location services, and some updates stealthily re-activate settings.
But do you live a life without the apps that bring you joy and keep your location a secret, or do you accept that that data may, one day, be used against you in some way? The choice is yours.