© Copyright 2019 | All Rights Reserved to COMMUNITAKE TECHNOLOGIES Ltd.

THREATS

The Threat

Android Keyboard App with over 50 Million Installs Secretly Collects Your Data

Google removed one of its Top 20 most popular Android apps from the Play Store after an investigation from Pentest, a UK-based cyber-security firm who discovered that the application violated the Mountain View-based giant's policies by showing deceptive behavior. Pentest found it exaggerated that the app would require access to a phone's Bluetooth connection, geo-location feature, or Wi-Fi status.

Additionally, the app would ask for access to kill background processes, read SMS messages, show system overlays, remove download notifications, ask for device admin permissions, take over the phone's lock screen and show ads.

 

Original source: Softpedia. Read the full article >>>

The IntactPhone Protection

The IntactPhone provides multiple defense layers to address apps showing deceptive behavior:

The IntactPhone delivers granular apps permission scheme allowing the system administrator to define the exact policies for applications data and access requests. This eliminates the operation of an external application with deceptive behavior and the ability to gain unauthorized data and access to device resources. Furthermore, applications are installed solely by the central command and control center that silently pushes them to the devices. The user has no access to the Google Play Store and cannot install unauthorized applications.