Over 230 Android apps support ultrasonic tracking [Update]

researchers from the Technical University of Braunschweig have 234 Android discovered apps that track their usage patterns by ultrasound in the background and without the consent of users. As ultra sound cross-device tracking (uXDT) described technique, the a research report according to still in its infancy is, is able to collect information about used apps, visited places and even called websites.

 security Android (image: ZDNet with material by Shutterstock/Mikko Lemola and Google) the apps draw on the fact, that speaker – also the Smartphone – can emit sounds in the ultrasonic range that are inaudible to the human ear. In addition, the microphones of mobile ultrasonic sounds can record. The technology can expand but also on retail shops or billboards. A loudspeaker in a shelves could provide, for example, a Smartphone app ultrasound information is the user in a shoe store, to display matching advertising in an app or the browser promptly.

specifically the technique be used to display location-based advertising such as discount coupons or vouchers. The researchers in several retail stores in two European cities referred to unspecified found the so-called ultrasonic beacons.

many of these apps were downloaded thousands or even several million times, including games such as Pinoy Henyo, that receives ultrasonic signals from the environment, as soon as it receives access to the microphone. In the report but also the apps of the restaurant chains are called McDonalds and Krispy Kreme. The researchers leave but how and what the apps take advantage of the technology.

generally they classify the ultrasonic tracking “a threat to privacy”, as allowing “unnoticed tracking sites, behavior and equipment”. Advertisers could determine inter alia the media consumption of a person, by ultrasonic signals they across device, for example, of a Smartphone and a television, record from Web sites as well as radio and television. “A villain might allocate even precisely sensitive content, such as political documentaries or movies for adults a certain person – even in different locations”, according to the report.

advertising can therefore optimize over the determination of the location of a user, his behavior, and even his buying habits, allowing also to spy out via ultrasound. The researchers even assume that technology is suited to tracking Bitcoin payments or to expose users of the anonymization network the onion router (Tor).

also the researchers point out that users can not detect, what apps waiting on ultrasonic signals from their environment. The only possible reference was the permission for access to the microphone. “Once a user has installed a such app, he knows, when the microphone is activated, nor transmitted the information to the server of the provider”, the researchers added.

users who want to protect themselves against such threats, should check the app permissions in the settings of their smartphones. For example, news apps or games need not have access to the microphone.

the researchers in an analysis of a total of 1.3 million mobile applications found the 234 relevant apps. Although the proportion of the Appps which uXDT use with 0.018 percent appears very low, their number has increased significantly in the past few months. 6 of 1.3 million apps were affected in April 2015. In December 2015, there were already 39.

WEBINAR

what next – BB´s storage & co: the enterprise cloud!

get to know the building blocks of enterprise cloud platform in this audio Webinar. Learn how to achieve maximum freedom and flexibility for your applications. More outcome achieved with less input – specific application examples. [Update: the webinar has already occurred.] Register now and look at the record.

[withmaterialbyZackWhittaker ZDNet.com ]

tip : you are an Android expert? Check your knowledge – with 15 questions on silicon.de

Update 9.5: researchers app list do not publish

on request by ZDNet.de told the researchers, that they are not planning a publication of the apps which use ultrasonic tracking. It was not the intention of the research work to provide a public pillory in the network. However, Google was informed “so that any play store existing apps quickly are likely to be removed”. Also the risk of these apps is quite low anyway for European users because the apps come mainly from South East Asia.

Be the first to comment

Leave a Reply