Free smartphone apps pose huge threats to user privacy by collecting unnecessary information, says a report from Juniper Networks.
The network security firm analysed 1.7 million applications on the Android market over an 18-month period from March 2011 to September 2012. The research suggests free applications are 401 per cent more likely to track user location and 314 per cent more likely to access user address books than paid-for apps.
The findings come after the Android operating system achieved a 75 per cent share of the smartphone market, and almost 50 per cent on tablets, with an estimated 21 billion apps being downloaded from the Google Play store this year alone. However, Juniper Networks suggests users aren't aware of how apps collect data.
"Even though a list of permissions is presented when installing an app, most people don't understand what they are agreeing to or have the proper information needed to make educated decisions about which apps to trust," states the report.
A disturbingly high number of applications collect information that's not needed for functionality, with almost a quarter of free apps having permission to track the user's location, compared to six per cent for paid-for apps.
Meanwhile, seven per cent of free apps have permission to access users' address books, six per cent have permission to secretly initiate calls in the background, five per cent have access to the device camera and three per cent can silently send text messages. About two per cent of paid-for apps also have access to these features.
"Possibly more concerning are the other permissions being requested from applications like the ability to clandestinely initiate outgoing calls, send SMS messages and use a device camera," says Juniper.
"An application that can clandestinely initiate a phone call could be used to silently listen to ambient conversations within hearing distance of a mobile device.
"Similarly, access to the device camera could enable a third party to obtain video and pictures of the area where the device is present, as was recently presented with the proof-of-concept Spyware PlaceRaider."
It isn't the first time security of Android applications has come into question, but the findings are concerning nonetheless. Indeed, previous Computing research suggests 27 per cent of Android users are aware of the issue, stating security isn't as strong as it could be.
It's worth noting that while the research is based around security on Android devices, iPhones and iPads aren't necessarily any safer. Juniper points out that despite a desire to examine iOS applications "Apple does not disclose related information about its apps, and questions regarding the Apple App Store and related privacy statistics should be directed towards Apple".
The iPhone and iPad manufacturer has previously come under fire for approving scammer apps for the iTunes store. This includes fake version of Nintendo's popular Pokémon Yellow Game Boy title, which appeared in the App store in February 2012. Nintendo has repeatedly stated it has no intentions of producing mobile apps, which saw many question Apple's approval policy.
This paper seeks to provide education and technical insight to beacons, in addition to providing insight to Apple's iBeacon specification
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy