Message histories were also found to be at risk, particularly for Android users running outdated software containing vulnerabilities that enable attackers to gain root access to the device, which could allow outsiders to read messages written and photos viewed in their chosen dating apps.
How to Avoid Internet Dating Scams: 11 Steps (with Pictures)
Six of the nine apps were also found to have geolocation weaknesses, with Kaspersky Lab also identifying risks in the data transmission process. It also opens possibilities for stalking — to harass people and track their movements in real life. Therefore you should be sure to carefully monitor your privacy, security and data protection when dating online. In order to keep your data safe from thefts, Kaspersky Lab recommends avoiding public Wi-Fi hotspots, which often lack efficient protection, or to use a VPN service. If someone wants to know your whereabouts, six of the nine apps will lend a hand.
Only OkCupid, Bumble, and Badoo keep user location data under lock and key. Happn not only shows how many meters separate you from another user, but also the number of times your paths have intersected, making it even easier to track someone down. As our researchers found out, one of the most insecure apps in this respect is Mamba.
The analytics module used in the Android version does not encrypt data about the device model, serial number, etc. Such data is not only viewable, but also modifiable. However, our researchers were able to intercept Zoosk data only when uploading new photos or videos — and following our notification, the developers promptly fixed the problem.
- oman dating expatica;
- Safe Online Dating.
- dating rca tubes;
- paris dating club;
- Ask the Community.
- saved by the bell zack and kelly start dating;
When using the Android versions of Paktor, Badoo, and Zoosk, other details — for example, GPS data and device info — can end up in the wrong hands. It turned out that most apps five out of nine are vulnerable to MITM attacks because they do not verify the authenticity of certificates. And almost all of the apps authorize through Facebook, so the lack of certificate verification can lead to the theft of the temporary authorization key in the form of a token. Regardless of the exact kind of data the app stores on the device, such data can be accessed with superuser rights.
This concerns only Android-based devices; malware able to gain root access in iOS is a rarity.
Online Dating Safety Tips & Guides
The result of the analysis is less than encouraging: Eight of the nine applications for Android are ready to provide too much information to cybercriminals with superuser access rights. As such, the researchers were able to get authorization tokens for social media from almost all of the apps in question. The credentials were encrypted, but the decryption key was easily extractable from the app itself. Tinder, Bumble, OkCupid, Badoo, Happn, and Paktor all store messaging history and photos of users together with their tokens.
Are dating apps safe?
Thus, the holder of superuser access privileges can easily access confidential information. If not stealing, then extorting. Alexandra Golovina 3 posts. Are dating apps safe?