Antivirus software specialist Bitdefender has found that nearly 19% of iOS apps access your address book without your knowledge — or your consent — when you’re using them, and 41% track your location. What’s most concerning is over 40% of them don’t encrypt your data once it has been collected.
That’s all going to change when iOS 6 makes its debut later this year, however.
Bitdefender studied more than 65,000 iOS apps currently available to download from the App Store, and found that 18.6% of them access your all the contact details in your address book without asking for your permission, or even notifying you of their actions.
Furthermore, a whopping 41% will track your location without your permission.
A lot of this data is then stored by developers — for all kinds of reasons — and only 57.5% of them encrypt the data. That means the remaining 42.5% don’t protect your data at all, leaving it open to any hacker who wants to get their hands on it.
Catalin Cosoi, chief security researcher at Bitdefender, said these are worrying statistics:
It is worrying stored data encryption on iOS apps is low and location tracking is so prevalent. Without notification of what an app accesses, it is difficult to control what information users give up.
We see a worrying landscape of poor user data encryption, prevalent location tracking and silent, unjustified, Address Book access.
This is all set to change in iOS 6, however. Following the whole Path debacle, Apple has integrated new privacy features into its upcoming firmware that aim to combat this issue.
When you use an iOS app for the first time, iOS 6 will ask for your permission when it attempts to access your address book, your location, and even your Camera Roll, so you know exactly which apps are accessing your data, and which ones you’ve granted access to.
There is still a concern over encryption, however, because there’s no way of knowing if the apps you’ve given permission to are encrypting your data once they have obtained it. Unfortunately, until Apple forces developers to do this, we’ll never know which apps are encrypting our data and which ones aren’t.