App Security & Your Data

Today the media & app development scene resembles the old Wild West, where people are descending on the opportunity to create apps. I get asked often:

“How come there are so many FREE apps that do things for us?…How do these companies make any money?”

As a media developer I get asked this question many times when it comes to smartphone, tablet, Facebook games and various media apps in the market today.  For most, it’s perplexing as to why a company would invest time, money and resources to develop a free product.

In this quick article, I will explain the reasoning behind free apps and also inform you on behind the scenes methods that allow companies to profit in this growing app industry.  You’ll learn the positive effects on a company that gives away a FREE product as well as the negative and unscrupulous and relatively unknown industry that is also often involved.

 

FREE Apps and How They Make Money

To immediately get to the point with FREE apps, games and media. It important to know that YOU become the commodity. The two most common ways to benefit from free apps are selling advertisements and selling information.

Selling Ads

You, the person viewing, can consume advertising that they place in the form of banner ads. We see this when we play certain smartphone games or other free apps. For some of us, these can be very annoying, for others they just might not mind. A FREE app or game can be worth the quick inconvenience of an ad.

For the app developer, if his app gets a million downloads, then he becomes a valuable tool for advertisers to place their ads in this app and may get possible links to products and services they want to sell.

Selling Information

The other form of monetization occurring is your information. Your information like gender, region, location and more are an information goldmine for companies to deliver targeted ads or media to you. The more focused they can narrow down there advertising, the better R.O.I. they will have. While this data collection can serve good, it can also be greatly abused and unfortunately is being abused more than not.

Value of App & Media

The value that the app or media we perceive we get from it will determine if we will consent to advertisements and data collection. For most of us, we don’t think twice about it. Ask yourself: Why are we so willingly compliant when it comes to consenting to what these apps and media will collect and deliver to us? My opinion is that most humans don’t stop for a minute to investigate what they are about to use. The need and convenience of having it now, overrides the mentality needed when approaching these new digital mediums. Take the common Flashlight App available on many smartphones. Have you ever stopped to investigate the terms and agreement or even the developers behind the scenes who created this app? Most likely the answer is no. For most of us,  It’s dark, and we need a flashlight app, and install the first one with good reviews typically.

 

Good & Evil in the 21st Century

With every technology comes two sides that must be addressed. The good and evil side of things. Unfortunately as humans flock to using more apps and media, professional information groups have begun to reach farther and farther into what they want from you. Some have legitimate purposes while others have bad purposes that deeply question and concern me as an information developer. For the rest of this article, I am going to put you in the shoes of what would be considered a “badguy” developer or most likely, the organization and their approach to how they make money today with your information.

Identify the Flaw: The Human Desire of Wanting it Now

This need for instant gratification to fill a need or want can be considered a flaw. Information developers globally understand that humans are searching for things they they need or want. In the case of want, it can vary depending on social metrics that drive the person to perceive that they need it. You want to play temple run, you don’t need it. Our needs as humans are constantly evolving, but at a root level we all want to be entertained. (Games make up 60% of all app downloads today..mobileInquirer Research)

Need based app… like the example I discussed earlier, sometimes you need a certain app. If you are in the dark and looking for a flashlight, the need for the app may become apparent. When we buy are phones we don’t say to ourselves, I want a Flashlight app. We find ourselves in situations that it is useful so we download it and install it to use in order to fill a perceived immediate need.

I started with the above two examples, and their are many more,  but I wanted to highlight that information developers look to start with studying the human first. How do they use these pieces of machines and software in ways to manipulate your thought patterns. What do they want? What are YOU willing to give up in the process of filling the need or want?

Unfortunately today, there are some alarming rates at which corporations and information organizations are pushing the bar further and collecting vast amounts of intimate information on you because most people don’t realize what is happening.

 

Why?

The first and most obvious reason is money. When you as an individual and(or) organization can collect data on people, you become extremely valuable. Your app has a million downloads and its primarily 16-24 yr old females using? Great! I can potentially have a buyer that sells teenage cosmetics that wants to be in front of one million+ in this demographic. What’s it worth to them?

Here the world of professional data groups become primary buyers and sellers. Companies like Reed Elsevier, LexisNexus, Dun&Bradstreet are all in the game of collecting demographic data and selling it for profit. Now with the rise in digital media platforms, they are contracting and outright buying as much data from these platform creators as they possibly can. Don’t think it’s profitable? Choicepoint, which was listed on the NYSE sold itself to Reed Elsevier for 3.6billion in 2008. Choicepoint for some that did not realize, was a spinoff of Equifax, the company that maintains one of your major credit scores.

The second reason is observation. This is an area that moves beyond money. This arena of information collection and dissemination is not after your money. They are after the ability to collect data and create profiles that can target things like regions, people, backgrounds and more. Here government, law enforcement and intelligence agencies globally reside. Information from any and every source is collected and housed to have the ability today or in the future to quickly disseminate information on society, criminals, people, events and more.

The “how” they collect the information as all part of an overall system that feeds data to these major centers globally for housing and dissemination.  As technology is now maturing to have us surfing the internet, or use apps. Organizations all around the world are creating games, media,  apps and more aimed at collecting this data.

A quick example is Raytheon’s RIOT software that they have created. Raytheon like many others are profit driven corporations. In the case of R.I.O.T. there goal is to create a software system that they can sell to law enforcement and government agencies globally. This system is based on data extracted in real time from many sources and can target an individuals, there movement, and what they are doing as well as future predict “hotspots” in a region. An example would be Facebook posts spiking in Orlando, Fl about a topic about protesting on a certain day about some event that law enforcement should take concern with. (view video about RIOT)

Where do you think the data to create software like this comes from?

Smartphone App Example

A smartphone app example used in data collection is a Flashlight app which was out in the market that was collecting your GPS location, your address book information, your phone number, your email, device ID, and your contacts information.

Why would a simple flashlight app want so much information? Who and where does this information go to? As quick as questions surfaced as to the practice of this data collection they changed their contact information, removed their website and shut down.

Unfortunately the majority of people do not ask these questions as they are trying to address a need or want immediately.

 

Example Facebook Profile Broker

Another area of major data collection is social media…particularly Facebook. I’m using this as an example now because I see it becoming rampant everyday. Many people see games and apps available on Facebook and when we comply we get a message that this app wants to access certain information. For the most part, we get the warning and comply easily. The problem is that it’s very easy to trick you into thinking I want nothing from you, and later through an upgrade or update you simply install or update my app and because you did not read the new terms of services, or fine print, or I just did not bother putting them in there… I come in like a trojan horse and collect all the data I want.

In the picture shown here, I found this interesting as this website (ProfileEngine.com) is obviously collecting data and attempting to re-sell information based on social metric data they are collecting. The reason I pulled up this profile, is because I know this person, but I was not looking for him. He is “friends” with the person I was researching. It just happens that the person I was looking for was tied to this profile.

So even if you are wary about publicizing your profile or personal information and don’t want it out there, be careful as you may come up connected to other profiles or pieces of information that you may not want exposed.

I have another acquaintance that is adamant at staying off social media. There purpose was they did not want people to have the ability to research them online. Unfortunately they are in a losing battle. If you use your credit or debit card, just know that your data and stats are being saved. They were involved in big business transactions and commerce. In the world of major commerce like negotiating a buyout, mergers or acquisitions of a billion dollar companies. Finding information on people is crucial during negotiations and deployed as a tactic today.

What to Do?

Next time you find yourself looking at a FREE smartphone app or game on Facebook. Take some time to research the development team behind the creation of it. It only takes one data sweep to collect your data. With every offense there come applicable defenses. The first step is becoming aware of what’s going on and why. Once you understand the nature of things, then you can move to modifying behavior or creating systems that counter those up to no good.

 

Further Links on Data Collection

Samsung & Jay Z https://www.cdt.org/blogs/gs-hans/1107jay-z%E2%80%99s-app-highlights-privacy-issues-collecting-vast-amounts-smartphone-data

 

NY Times on mobile App Data Harvesting

http://bits.blogs.nytimes.com/2012/02/15/google-and-mobile-apps-take-data-books-without-permission/?_r=0

 

Carnegie Mellon Research on App Collecting Offenders

http://www.cmu.edu/news/stories/archives/2013/january/jan15_appprivacyconcerns.html

 

How the U.S. Govt forces Tech Companies to Give them Data

http://smallbusiness.yahoo.com/advisor/zuckerberg-nsa-government-blew-205840551.html

Once the U.S. Govt has data, they give it to sub-contractors like Raytheon, Booz Allen and more to create systems around this data.

(in the case of Booz Allen and the NSA. Edward Snowden was the whistleblower who exposed privacy breaches and abuses by the U.S. govt)

 

NSA Employees Spy on Love Interests

http://blogs.wsj.com/washwire/2013/08/23/nsa-officers-sometimes-spy-on-love-interests/

By | 2016-10-27T18:34:38+00:00 March 24th, 2015|My Blog|Comments Off on App Security & Your Data