News

Dating apps became safer, but not in terms of privacy

Kaspersky Lab experts tested a number of online dating applications and came to the conclusion that they have become safer.

The researchers analyzed the nine most popular apps in the world: Tinder, Bumble, OkCupid, Mamba, Pure, Feeld, Her, Happn, and Badoo (iOS and Android versions). The results of the study were compared with the results of a similar analysis in 2017.

It turned out that dating services are now better protected from a technical point of view, especially in terms of data interception. However, privacy risks still persis: such applications store a lot of personal information that can be used for cyberstalking (Internet stalking) and doxing (publishing data about a person without their awareness and consent to harm their reputation).

In 2017, four of the nine applications studied were capable of intercepting data being sent, and many were using HTTP. The situation has improved significantly in 2021. So, none of the applications studied uses HTTP, and no data is transmitted at all if the protocol is insecure.

But many privacy concerns remain.

For example, in most of the studied services, you can register using an account on a social network. In this case, the data from it is automatically pulled into the new profile. Users are also asked to add information about their place of work or study. Such details make it easier to find a person on a social network, where, if privacy settings are not enabled, you can learn even more about him.researchers say.

Happn, Her, Bumble and Tinder users are required to provide their location. Some apps, like Mamba, show it to within a meter. Happn has additional functionality that allows account holders to see how many times and where they have crossed paths with their match (the person that responded in the app).

All this data, as well as the content of chats and photos, can be used for stalking on the web or in the real world, as well as for doxing.

Mamba is the only app we studied that allows blurring photos for free, while Pure is the only one that doesn’t allow taking screenshots of chats.

Some additional privacy options are subject to a fee. So, in the paid versions of most of the services studied, you can enable incognito mode. In this case, the profile is visible only to those users to whom its owner has expressed sympathy. In the paid versions of Tinder and Bumble, you can manually select a region and not provide more specific clarifications by location.

Alas, as in previous research, most Android apps store messages and cached photos on the device. That is, an attacker can get access to them using malware.

Mamba and Badoo even send an email with the generated password to log into the account in clear text, which definitely cannot be attributed to good security practices.

Being active online and keeping your data private is not easy. Online dating apps illustrate this vividly. People want to meet and communicate on the Internet, but in a way that is safe. We can see that dating services have become more secure in the past few years, especially their paid versions. We hope that in the future, features important for maintaining privacy will be available for free in all such applications. The best thing that account holders in dating services can do for their digital security is to carefully monitor what data they provide about themselves in profiles and chats.commented Tatyana Shishkova, cybersecurity expert at Kaspersky Lab.

Let me remind you that we also reported that Famous hacker through vulnerability in vBulletin crushed into forums for sex workers.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Streamingsafevpn pop-up ads (Virus Removal Guide)

Streamingsafevpn.com is a site that tries to force you into subscribing to its browser notifications…

1 day ago

Remove Psegeevalrat.net pop-up ads (Virus Removal Guide)

Psegeevalrat.net is a site that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove Thi-tl-310-a.buzz pop-up ads (Virus Removal Guide)

Thi-tl-310-a.buzz is a site that tries to force you into clik to its browser notifications…

3 days ago

Remove Toreffirmading pop-up ads (Virus Removal Guide)

Toreffirmading.com is a domain that tries to force you into subscribing to its browser notifications…

3 days ago

Remove News-xboveho.site pop-up ads (Virus Removal Guide)

News-xboveho.site is a domain that tries to force you into subscribing to its browser notifications…

3 days ago

Remove Glayingly pop-up ads (Virus Removal Guide)

Glayingly.com is a site that tries to trick you into subscribing to its browser notifications…

3 days ago