Contributor: Shaun Aimoto
The number of apps related to the presidential primaries has grown considerably. These apps are more popular than ever, thanks mostly to Donald Trump, according to our data. However, we want to remind users that presidential primary apps can gather a lot of information and may expose sensitive data. Most primary apps are unofficial and not affiliated with a campaign, but even official apps have some data exposure, as we found by looking at two primary candidate apps using the Norton Mobile Security with Norton Mobile Insight app.
Presidential primary apps more popular than ever
As 2016’s presidential primaries have progressed, the number of presidential primary apps installed on mobile devices has grown considerably, becoming more prevalent than ever.
Figure 1. Devices with presidential primary related apps installed
Donald Trump apps are most prevalent
Trump has been the focus of much interest, dominating all candidates with 75 percent of presidential primary apps categorized under his name.
Figure 2. Primary related Android apps covering specific candidates
Many presidential primary apps expose data
Downloading election apps may be a quick way to surrender your sensitive data to unwanted eavesdroppers, especially if you use unsecured Wi-Fi or automatically connect to public Wi-Fi hotspots. Symantec has found that out of more than 1,200 presidential primary-related Android apps we looked at, more than 50 percent exposed sensitive data. Of the most popular primary election apps we observed—those with more than 1 million downloads—nearly 25 percent were found to be exposing sensitive data.
Your phone number and location are just some of the data being exposed
The following are the types of private data we saw being exposed and their associated risk to sensitive data loss:
- Account: Your account details, such as email addresses and social network user names
- Phone number: Your device’s phone number
- Location: Your GPS coordinates or location of nearest cell tower
- Installed apps: List of installed apps on your device
- Device: Brand, model, and operating system of your device
- SIM card: Your international mobile subscriber identity (IMSI)
- Settings: Settings of your device, such as language or time zone
Figure 3. Sensitive data exposure observed by Norton Mobile Insight in presidential primary apps
This data could be intercepted by attackers and shared with third parties.
Even official apps expose sensitive data
Using Norton Mobile Insight, we found the official apps for John Kasich and Ted Cruz may expose sensitive data. In the case of the official John Kasich 2016 mobile app, every app you have installed on your device and your location may be exposed. In the case of the official Ted Cruz "Cruz Crew" app, your mobile device details and unique IMSI identification may be exposed.
Figure 4. Types of data exposure observed by Norton Mobile Insight in official primary apps
As you can see, even officially released apps can put sensitive information at risk.
You can protect your sensitive data from exposure
Symantec offers the following advice to help you protect your data:
- Only install apps from trusted sources and pay close attention to permissions apps may be requesting.
- If an app is asking for more information than you're comfortable sharing, it might be a sign to run the other way. Think of what the purpose of the app is, and only provide information that is necessary for the app to serve its function.
- Turn off location settings when you're not using your GPS function. Beyond saving your battery, this will prevent apps from knowing your exact coordinates and will keep this data safe. Back up your device frequently and keep software up to date.
- Please follow our Dos and Don’ts of Using Public Wi-Fi for simple security guidance if you're stuck using an open network.
- As for the apps that get away from your keen eyes, you can use Norton Mobile Security with Norton Mobile Insight to scan your device. It can tell you exactly what risky behavior an application will perform, alert you if an app you're about to download is dangerous, and give you specific, relevant, and actionable information. You may be surprised by what kind of sensitive data applications are exposing.
Figure 5. App privacy risk on Norton Mobile Security
Remember, before you download that presidential primary app, apps may gather a lot of information and may expose your data. Even official apps may expose sensitive data, so using protection will allow you to both be involved with the election process and keep sensitive data safe.