Google is currently under the supervision of the Justice Department and is in a difficult phase.Proceedings against tech giant For that monopoly Leave the default search engine and browser.And now, as some researchers at the Nonprofit International Data Accountability Council (IDAC) have, the company is facing another blow. report Three well-known children’s apps on the Google Play store violate Google’s data collection policy. IDAC further reports that these apps may be accessing your data by accessing your Android ID and Android Advertising ID number.
Today, the Google Play Store is literally a playground for over 3 million apps, and it’s true that some of these apps may contain malicious content, adware, or other suspicious stuff. Not surprising.
The three apps that were removed by Google after this report are very well known among children and have been downloaded more than 20 million times in total. These apps include Princess Salon, Cats & Cosplay, and Number Coloring, and were developed using the software development kit for Unity, a 3D game engine, and Umeng, an analysis provider engine owned by Alibaba. .. “Appodeal” is an adware provider, analytics provider, and app monetization system.
Researchers believe that accessing the Android ID and Android Advertising ID number must have resulted in a data breach associated with these three SDK providers. Google has confirmed that it has removed these three apps in question, but it’s unclear how much data was leaked and how much damage was done.
Although Google has a defensive stance, IDAC President Quentin Palfrey said the breach raises serious concerns about in-app data processing practices.
According to Palfrey, accessing Android IDs and AAID numbers could make users vulnerable and even access geolocation. And that is definitely a serious concern. This is because Google’s privacy measures can be violated or bridged.
The president of IDAC did not consider many specifications, but found that a particular version of the SDK provided by the “Unity” engine was collecting both the user’s Android ID and AAID number at the same time. I pointed out. Developers can bypass these controls and track users across different devices, making Google’s privacy controls much more vulnerable. It can also provide users with sufficient information to be targeted by specific ads and other types of adware.