With the recent shocking revelation that Google Play discloses customer information to sellers, we look at all the major mobile platforms to find out whether seller/buyer information is safely guarded...
It was recently revealed by an Australian developer that Google Play could be passing on customers’ personal information to sellers without their consent. According to developer Dan Nolan, “every app purchase you make on Google Play gives the developer your name, suburb and email address with no indication that this information is actually being transferred”.
Nolan is the creator of the iOS app “Paul Keating insult generator”, which he recently ported over to the Android platform. The app reached #1 on the iOS App Store in Australia. The developer claimed that since every transaction is treated as a Google Wallet order, as if it was a physical purchase, the details of the person’s location and email address are disclosed to the seller. Nolan claims that “With the information I have available to me through the checkout portal I could track down and harass userswho left negative reviews or refunded the app purchase”. We have a look at each platform and the level of user privacy that it offers, and also how well the user is informed about his information being shared.
Android
According to Google’s policy, “We will share personal information with companies, organizations or individuals outside of Google when we have your consent to do so.We require opt-in consent for the sharing of any sensitive personal information”. According to their definitions though, “sensitive personal information” refers to confidential medical facts, racial or ethnic origins, political or religious beliefs, sexuality.
This doesn’t cover the full name,email or suburb that they reveal to sellers! There are no notifications given to the buyer of the app in the mobile that informs them of the data being sent. However, Android does provide notifications of permissions given when an app is being installed. For example, it could say that the app will access “your messages” or “your location” so that the user is aware before installation. However, an important point to note is that quality control on Google Play is lower than platforms such as iOS, and all that is needed is a smoke test before an app is approved. Hence, there are higher chances for malicious apps to find themselves onto the Android app store.
ios
According to Nolan, “If you buy something on the iOS App Store, you purchase it off Apple, and they pass the money to the developer”. This is because Apple acts as the merchant through the app store,by selling the app and passing on the appropriate share to the developer. The only thing the AppStore shares with developers is the general information about number of downloads.
We found that the only exception was the subscriptions through Apple’s newsstand store, but personal information is only shared if the customer gives his consent. There is a fine level of granularity for permissions given to apps. The first time an app asks for permission, perhaps to access location, the user can allow or deny the permission. This is updated in the settings accordingly. The helpful thing is, unlike Android, iOS allows you to change permissions for every category of permissions, on the specific set of apps using the permissions.
windows phone
After sifting through Windows Phone Store’s privacy policy, all it reveals is that Microsoft will share your personal information to “comply with the law”, “protect the rights or property of Microsoft or our customers “ or “to protect the personal safety of Microsoft employees, customers, or the public”.It does not mention anything about personal information being shared with sellers.
Since transactions on the Windows Phone store are done through Microsoft, personal details are not shared with the developers, like it is on Android. Moreover, the app policies for Windows Phone clearly states that if an app accesses any information that is personal in nature, it “must implement a method to obtain the user’s “opt-in” consent”, and “provide a mechanism through which the user can later opt out of having the information accessed, uploaded or shared.”. However, a disadvantage compared to the iOS is that specific permissions cannot be allowed for an app, and the user has to allow all permissions before using an app.
BlackBerry 10
According to Blackberry’s privacy policy regarding purchase terms from the BlackBerry World app store, it says “You consent to RIME providing Your Payment Information to third party MoRs, payment processors, or other entities as is reasonably required to facilitate the Purchase and ancillary services”. In terms of financial transactions between vendors and clients, BlackBerry actually partners with two companies, Digital River and Bango, to act as merchants and be responsible for transaction processing, billing and disbursement of revenue. While Digital River will provide reports of transactions to vendors, it will not share the personal information of end users. Unlike Android and Windows Phone 8, BB10 does have settings for permissions so that users can change the specific permissions they give to apps without having to uninstall the app completely.
No comments:
Post a Comment