English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Are Mobile Advertisers Getting Too Aggressive?

Tim
Kaspersky Lab Expert
Posted February 08, 15:12  GMT
Tags: Google, Google Android, Apple
0.1
 

Many of the apps we enjoy are free. Well, to call them free is a bit misleading. You pay for the apps by looking at advertisements. This is a platform we should all recognize from the sidebar of Facebook, or Google, or almost any service that doesn’t charge a premium to use it. Advertising has paved the way for many services to gather a huge audience audience and still profit.

On Android and in many cases iOS, the advertisers have gotten very aggressive. They now collect all kinds of data through multiple forms of advertising. I’d like to take a look now at what you can expect.

Banner ads – By far the most common, banner ads should be recognizable by anyone using mobile apps at this point. These display advertising banners overtop of an app, often with targeted advertising based on geolocation services.

Push Notifications – These are notifications that are initiated by a remote server, as opposed to a “pull” where the device requests data. Push notifications often appear in the notification tray.

Capture Forms/Signup Ads – These are ads that display during launch or in app. They usually take over the whole screen and ask users to sign up for, or receive more info about an ad.

Content Locks - This is when additional content is only available after interacting with an ad, such as signing up for notifications or entering your email.

App Walls - These are lists of popular apps displayed in game, enticing users to try other apps also using the ad networks services.

App Icons – These are application shortcuts created on the home screen. One recent example is a search icon created when an app using a particular ad network is installed.

How does this advertising work?

The advertising code is inserted into apps using an SDK, or software development kit. In this case, it is a block of code that a developer inserts into an existing application.

Are they dangerous?

The correct answer here is maybe. It really depends on what ad network the app developer has chosen. In many cases ads are only a common nuisance and allow you to play that game for free. In other cases, the adverting company’s SDK is very aggressive and collects a large amount of user info including but not limited to:

IMEI – This number identifies your device on a mobile network. It is specific to the device and doesn’t change even when you change the SIM card.

IMSI – This number identifies your SIM card.

Device Model

OS Version

Country Code

Language

Jailbreak/Root Status

GEO-location

Phone Number

In addition, some SDK’s that provide icons then collect all activity performed after clicking on the icon. For example, the search icon used in the Apperhand SDK drove users to a search page and recorded their activity. Google refused to pull any of the apps saying they didn’t violate the terms of service of the Android App Store.

This information is used to target you as a consumer. Even if it’s used by a responsible company, that sure is a lot of data about one person. Imagine intentionally installing an app that is granted access to the ID number of your phone and your SIM card, knows your GPS coordinates, and your phone number. Once you start the app it asks for your email, collects a list of all your bookmarks and then places a search icon on your desktop and keeps track of everything you search for.

In the US the police are not able to collect this much info about you without a warrant. Why can advertisers do it?


Comments

If you would like to comment on this article you must first
login


Bookmark and Share
Share

Analysis

Blog