How safe is your smartphone?

Business Spectator 20 September 2012

Smartphones have been in the news a lot lately and not just because of the arival of the new iPhone 5. Over the past couple of months stories have begun to surface on data retention, mobile roaming charges and bill shock. The one thread that these stories all have in common is that they all revolve around the smartphone, which might be your best friend but could also do you harm.

The best spying tool

Your smart phone is being used to spy on you. Everything from your voice, address book, photos, browsing history and any other personal details on the smart phone are being uploaded by either the phone manufacturer, operator or by one or most of the apps that you have loaded onto your phone.

The reasons that your personal data is being uploaded by one of the organisations that have found a way to get access to your smartphone vary. Your carrier collects information to ensure your phone can be restored if something goes wrong, and to comply with Australian cybercrime and other laws.

Other organisations collect your personal data so that they can sell it or use the data to impersonate you and carry out fraud or another crime. It is possible to get details on how to access e-commerce sites from your smartphone. With this information criminals can purchase goods and leave you with the bill.

Your smart phone provides a snapshot of who you are and what you do. Everything you do with your smartphone is of interest to data mining companies that ultimately sell snapshots of information gleaned from smart phones and apps to marketing companies.

US company, Flurry Analytics is an example of one of these data collection and mining organisations. It collects data from 1.4 billion app sessions per day from more than 600 million smart phones and tablets in the US.                                                            

Worrying trends are now appearing where more and more companies are signing up app manufacturers who then provide information about what you’re using for smartphone for. Some smartphone apps have been found to be accessing data on the smart phone for which the app has no reason to access.

Bill shock

Smartphones cause bill shock for a couple of reasons including confusing plans, high excess data charges and the ongoing international roaming rip-off.

More recently, parents have been lending smartphones to children or alternatively buying them their own smartphone. More often than not, these children then proceed to purchase these so-called “free apps” from the app store. Most of which are games.

Many of the new smart phone game apps entice players to carry out "in-app purchases". Some of the apps use techniques that create anxiety or unfavourable game play unless in-app purchases are made.

For example, one of these apps is free to download and then allows in-app purchases of up to $100 with just two taps on the screen of the device.

Children are being targeted by this phenomenon and advocacy groups are concerned that children are being targeted in the same way that adults are targeted by the gambling industry. It is possible that smart phone and tablet game apps are utilising practices developed over many years by the gambling industry to tap into an individual’s competitiveness and introduce a pleasure-reward aspect to the game that causes some level of addiction.

Action is being taken in the US through a class action against Apple over iTunes bill shock.

People who use iTunes need to be aware that if an iTunes purchase is made on the device then for the next 15 minutes purchases can be made without re-entering the iTunes account password. Hypothetically, if you make an iTunes purchase and then give your smart phone or table to a child, that child can download free game apps and make in-app purchases within the next 15 minutes without the need for the iTunes account password. Every time the child makes an in-app purchase the timer resets.

What is of concern is that restricting in-app purchases is turned off by default. This feature is one of several parental controls that must be turned on manually. To enable parental controls on an Apple device tap on settings > general > restrictions, and enter a passcode (this should be different to your iTunes account password). Many may not know that this parental control function exists.

What’s being done?

The Australian Competition and Consumer Commission (ACCC) and the consumer group Australian Communications Consumer Action Network have voiced concerns about the ways that smart phones and tablets are being used by unscrupulous app providers to fleece users of smart phones and tablets and to steal personal information for on selling and financial gain.

There is a balance that must be achieved between consumer protection and the rights of the multi-national companies that make and sell smart devices to maximise profit for shareholders without exploiting their users. The Australian government will work with the ACCC to update consumer protection laws. But until they do, take heed, your smartphone and tablet are not benign devices. They have the potential to deal you some damage and must be closely managed, especially around children.

Mark Gregory Senior Lecturer in Electrical and Computer Engineering at RMIT University.