How to protect your data in Android applications after the leak of Firebase platform |
A new security survey showed that 4,282 Android apps use Google's Firebase platform, which discloses confidential personal information about users without the user's knowledge.
Data includes: email address, username, password, phone number, full name, chat message and geolocation data.
After Firebase platform leak, you can protect data in Android app as follows:
Firebase is Google’s mobile and web application development platform that provides a variety of tools that application developers can use to develop applications and store app data and files securely.
According to a security study conducted by security researchers (Bob Diachenko) in cooperation with the website, 515,735 Android applications were analyzed with Comparitech search and technical services, accounting for about 18% of all applications in the Google Play Store.
As a result, approximately 4.8% of the mobile applications that use (Google Firebase) to store user data are not properly protected, so anyone can access the database that contains the user's personal information and store it. Access without a password or any other method. Symbol and other data. Other certificates.
You can access databases simply by searching online. Although Google removes the Firebase database from search results, you can still find it if you use other search engines (like Bing).
The Comparitech team also found that many data loss apps are very popular and Android users have installed 4.22 billion times, especially games and educational apps.
Since the average smartphone user installs 60 to 90 apps, it is also possible that at least one app will affect the privacy of Android users.
If you are using an Android phone, do the following to protect the data:
Unfortunately, the only way to avoid data leaks is to ask the developer of each application to update the application's Firebase database. Whether you use one of these apps or not, there is not much you can do to prevent it.
However, you should take the same precautions to prevent harmful apps from affecting your phone:
- Use a single password for all of your accounts and an encrypted password management app to ensure security.
- Keep at least the shared data and personal account information, including contact information such as name, address, email address, personal phone number, financial information or payment information, and other user data such as GPS logs and web browsers.
- There is no need to link apps and accounts together.
- Check out the downloaded app.
- Read reviews for a longer period, check the permissions the app requests, and discover more information about the app before installing.
- Check the app with reliable anti-malware and anti-virus applications before installing the application.