Published August 01, 2013
Looks like you really do get what you pay for.
A new study from app analysis firm Appthority finds that 95% of the top 100 free apps for both iOS and Android exhibited at least one kind of privacy-compromising behavior, compared to 78% of the top paid apps.
These freebie apps are putting users’ privacy at risk with behaviors like tracking location, leaking address book contacts and identifying the user or using single sign-on (SSO)--which allows a single company to track users across multiple applications, according to Appthority.
The biggest disparity between free and paid apps is that more free apps (73%) track for location, compared to less than half of paid apps (41%). Sixty seven percent of free apps use SSO and half will share data with ad networks and analytics.
For iOS, 36% of free apps are games, 14% are social networking apps and 10% are music apps. This compares to Android, with 43% of free apps being games, 11% social media apps and 10% communication apps.
For paid iOS top apps, 52% are games, 13% are photo apps and 5% are entertainment apps. On the Android side, 38% of the top apps are games, 15% are tools and 10% are productivity apps.
The average consumer doesn’t realize downloads can compromise personal data, says Ari Zoldan, CEO of consulting firm Quantum Media Holdings.
“It’s not even a thought that there is potential for data leakage,” Zoldan says. “I think the phone is something very personal, so people don’t realize that when they download an app, something may be taken out of their phone—it’s not on anyone’s radar.”
Consumers will likely be even more surprised that nearly 80% of top paid apps leak data in some way, he says.
“I think that if you are going to pay, rather than get something for free, the effort will always be there [to have a better-developed product]. If you are putting money down to purchase a product, at the very least you should get security in return, that should be No.1.”
Part of the reason consumers are so unaware is that apps are stress-tested by and large by those in the tech community.
He explains that data leakages often aren’t caught until an app hits the market because they tend to be stress tested by those in the tech community.
“Apps are developed to perform a function and only under serious ‘stress test’ environments and conditions do flaws become readily available,” Zoldan says. “If you design an app to track your mother, especially if she frequently forgets where she is, then it might seem that the app is flawless until your neighbor says that they too can access the information. Once the problem is recognized, then you can fix it. Paid for apps typical don’t have ads, which may or may not track user information more readily.”
iOS users may be at greater risk for data leaks, Appthority reported, with 91% of iOS apps exhibiting at least one risky behavior, compared to 80% of Android apps.