The transmission of this information "represents a privacy risk for users because it allows anyone with access to the data traffic to identify users and their devices, and collect their private search data", stated Citizen Lab in its report.
Recommeded Link: Top 10 Android Lollipop Smartphones with 1GB RAM Under Rs 8,000
The Citizen Lab at the University of Toronto's Munk School of Global Affairs investigated the mobile browser, and found that it was sending user data unencrypted, or with not enough encryption. This included transmitting phone numbers and device serial numbers, in addition to user search queries and geolocation data.
The lack of encryption would let anyone with access to the data traffic to identify a user's phone number, the device, and the person's location, Citizen Lab said in its report released Thursday.
Alibaba spokesman Bob Christie said the problems were immediately fixed and customers notified of an update to the browser after Citizen Lab brought the issues to Alibaba's attention in April.
Recommended Link: Google To Add Native Fingerprint Authentication To Upcoming Android M
Both UC Browser's Chinese language and English language versions contained the reported flaws. On Friday, Alibaba said it investigated the issues and has fixed the problem with a version update users can now download. "We have no evidence that any user information has been taken," the company said in an email.