While downloading a app From the Google Play Store, users can see all the information requested by the application, including permissions, personal information and more through the Data Security section. Over time, criminals have learned sophisticated techniques to obtain malicious apps from legitimate online stores, including the Google Play Store.
Google recently removed four apps downloaded over 100,000 times from the Play Store. These apps spread the extremely dangerous Joker malware. Once users download these or other infected apps, the malware is deployed on their device, helping the bad guys gain access. It is important to mention that one of these apps was available on the Play Store since November 2020, while the others were published in June.
In an official blog post, Google describes data security as a section where developers should share more information about how apps work.collect, share and protect user data.In a nutshell, the Data Security section shows users all the data an app collects, the information an app shares with other parties, the system resources an app needs to access, and the purpose behind them. In addition, the section also contains information about the security practices that applications have and whether they qualify for the global security standard. Google launched the Data Security section in April, and developers had a deadline of July 20, 2022 to submit the required information.
How to verify all the data collected by an application
To view the Data Security section before (or after) downloading an app, search for it in the Google Play Store, tap the result to open the app’s page, and scroll down to locate ‘data security.’ This is located just below the ‘About this app‘ section. By tapping the right arrow, users will first see the ‘shared data‘ by the application with other companies or organizations, which could include the user’s personal information and device identification. Scrolling down, users can see the ‘Data collected‘ by the application, which is done by requesting permissions. Finally, the Data Security section shows security practices such as encryption techniques. By looking at these types of data, users should have a clear idea of what information an app collects once it is downloaded and used. Also, the Data Security section should help detect malicious apps.
For example, suppose a user wants to download Facebook. Once you locate the Data Security section on the app page, you’ll notice that the section displays a summary of data security, collection, and sharing practices. By expanding the Data Security section, users will find that Facebook shares their name and email address with other companies or organizations for fraud prevention, security, and compliance purposes. In addition, the Data Security section also shows that the Facebook app may collect types of data such as approximate location, personal information, messages, and photos/videos. Regarding security practices, the section mentions that Facebook transfers their data through a secure connection and users can request the platform to delete their data. While this is just an example, the Data Security section is available to all Applications in the Google Play Store.
Source: Google
