Menu
Wi-Fi access point scans can betray a person's location

Wi-Fi access point scans can betray a person's location

A new study warns that Wi-Fi data collected by applications could be used for tracking

A new study warns that Wi-Fi data collected by Android applications could be used to figure out a person's location most of the time.

A new study warns that Wi-Fi data collected by Android applications could be used to figure out a person's location most of the time.

Many Android applications collect information on Wi-Fi access points, which researchers contend can be used to figure out where a person is more than 90 percent of the time.

The privacy implications of Wi-Fi access point scanning is often overlooked but presents a risk if the information is abused, according to the study, written by the Technical University of Denmark, the Massachusetts Institute of Technology and the University of Copenhagen.

Wi-Fi information isn't considered location data, and Android applications such as Candy Crush Saga, Pandora and Angry Birds routinely collect it.

"This makes it possible for third party developers to collect high-resolution mobility data under the radar, circumventing the policy and the privacy model of the Android ecosystem," wrote Sune Lehmann, an associate professor at DTU Informatics at the Technical University of Denmark, in a blog post.

The study said it wasn't suggesting that Candy Crush Saga, Pandora and Angry Birds collected Wi-Fi scans for location purposes but that they would, in theory, have the ability to do so.

Location data is seen as valuable for purposes such as advertising, where context-specific ads can be shown as a person moves into a certain area. But that sort of tracking has raised privacy concerns over how users are notified that the tracking is taking place and if they can opt out.

The researchers tracked 63 students over six months. Since people tend to have regular movement patterns, "a few most prevalent routers can work effectively as proxies for their location," the study said.

A third party that can get access to Wi-Fi access point scans from a device without authorized access to location data can still "effectively determine the location of each individual 90 percent of the time." For some students, just four access points could describe their approximate location most of the time, it said.

Android applications usually have a set of permissions that someone who installs an app must approve. But the permission for Wi-Fi scanning is separate from the one asking for location data, and granting the permission generally isn't considered risky, the study said.

The study notes that Apple introduced in iOS 8 a method to make it more difficult for Wi-Fi access points to collect consistent data on devices. iOS 8 will spoof a device's MAC (media access control) address.

But Lehmann wrote that Apple's method doesn't address the problem in the study "where data is collected by an application on the phone, not by external devices."

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Massachusetts Institute of TechnologyTechnical University of DenmarkUniversity of Copenhagen

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments