Almost nine percent of popular apps downloaded from Google Play interact with websites that could compromise your security and privacy, says a study.
Although apps connect to a complicated network of websites, both to function and generate advertising revenues, most users do not know their private information could compromised, said one of the researchers Michalis Faloutsos, professor at University of California, Riverside in the US.
"We focused on a relatively neglected aspect of security research, which is the potential for good apps to leak personal information through the sites they interact with.
A lot of people believe that if an app is popular or available on one of the big app stores then it must be safe, and we suspected that wasn't the case," Faloutsos said. The researchers conducted a large-scale analysis of URLs embedded in 13,500 free android apps downloaded from Google Play.
The apps tested were created by reputable developers and downloaded by many people, among them popular social media, shopping, news and entertainment apps.
By developing and using a tool called AURA (Android URL Risk Assessor), the team identified more than 250,000 URLs accessed by the 13,500 apps, which they cross-referenced for trustworthiness using VirusTotal, a database of malicious URLs, and Web of Trust (WOT), a popular website rating system.
The team is now developing a tool that allows users to evaluate the riskiness of individual apps before downloading them. The team will present their findings at the IEEE GLOBECOM conference in San Diego, US on December 8.