Loading [MathJax]/extensions/MathMenu.js
How Does Misconfiguration of Analytic Services Compromise Mobile Privacy? | IEEE Conference Publication | IEEE Xplore

How Does Misconfiguration of Analytic Services Compromise Mobile Privacy?


Abstract:

Mobile application (app) developers commonly utilize analytic services to analyze their app users' behavior to support debugging, improve service quality, and facilitate ...Show More

Abstract:

Mobile application (app) developers commonly utilize analytic services to analyze their app users' behavior to support debugging, improve service quality, and facilitate advertising. Anonymization and aggregation can reduce the sensitivity of such behavioral data, therefore analytic services often encourage the use of such protections. However, these protections are not directly enforced so it is possible for developers to misconfigure the analytic services and expose personal information, which may cause greater privacy risks. Since people use apps in many aspects of their daily lives, such misconfigurations may lead to the leaking of sensitive personal information such as a users' real-time location, health data, or dating preferences. To study this issue and identify potential privacy risks due to such misconfigurations, we developed a semiautomated approach, Privacy-Aware Analytics Misconfiguration Detector (PAMDroid), which enables our empirical study on mis-configurations of analytic services. This paper describes a study of 1,000 popular apps using top analytic services in which we found misconfigurations in 120 apps. In 52 of the 120 apps, misconfigurations lead to a violation of either the analytic service providers' terms of service or the app's own privacy policy.
Date of Conference: 05-11 October 2020
Date Added to IEEE Xplore: 21 December 2020
ISBN Information:

ISSN Information:

Conference Location: Seoul, Korea (South)

Funding Agency:


References

References is not available for this document.