Daycare apps: Privacy experts find serious security flaws

Childcare as a source of income: Many daycare apps share collected data with advertisers. In addition, potential attackers could access children’s photos.

 Daycare apps: Privacy experts find serious security deficiencies

IT security experts have found a Study examined 42 daycare apps, mainly from Europe and the USA – and discovered some serious security deficiencies. Several apps tapped data without consent and shared it with third parties, with some the researchers were even able to access photos of children.

This is the result of a paper published on Thursday, for which scientists from the Ruhr- University of Bochum, the Max Planck Institute for Security and Privacy and experts from the IT security company Aware7 from Gelsenkirchen.

Parents can use apps like this to communicate with educators or access reports on child development, daycare centers can such as organizing schedules. In total, the 42 apps examined were downloaded three million times – but two apps from the USA alone accounted for a good two thirds of these. The 16 apps available on the German market have almost half a million downloads, but not all of them have to come from German users. However, apps are definitely used in Germany, according to a message from the city of Wiesbaden on Thursday in the 42 day care centers there.

Four German apps with major security problems

The result of the study: eight apps ( including four Germans) had “serious security problems”. Attackers were sometimes able to view private photos of the children there. The scientists found the vulnerabilities by hacking accounts they created themselves.

Almost all apps also collect data and sell it to third-party providers such as Amazon, Facebook, Google or Microsoft for targeted advertising campaigns. A daycare app provider, for example, discloses that the average number of diapers changed per day is calculated.

Most app providers do not respond to inquiries

A “frightening picture” emerged from the data protection declarations, said Maximilian Golla, co-author of the study. The team alerted all vendors to vulnerabilities prior to release. Only six of the 42 responded at all, said Golla.

Only Android apps were examined. However, the study authors suspect that the result would be comparable with other providers such as Apple. Twelve of the apps examined – including four German apps – were harmless and can be recommended according to the study authors.

Rate article
Leave a Reply