To find a ‘match’ in Tinder we have to share personal information with other users. If you don’t have at least one picture and you don’t describe yourself a bit, how will anyone know if they are interested in you? The same happens when you visit other profiles.
However, each person can decide what to make public and what not. At least in theory, because a recent study by the University of South Australia questions the privacy of the eight most popular dating apps in Google Play, including Tinder and Grindr.
The research done by these computer security experts shows how easy is to access the data stored in these tools (hidden from the rest of the community), as email addresses and private messages exchanged with other users.
The first thing they did was to create a fake profile on each of the dating apps and from a cell phone try to steal other users’ information. They became cyber thieves for research purposes intercepting the network’s traffic data and tracking the apps supposedly private directory.
For major concern, they discovered that all these apps had huge security gaps which made them vulnerable to these kinds of attacks, achieving their goal: they obtained personal information of many profiles and saved it in their phone.
In Tinder, which has over 50 million customers, they stole the pictures of all the profiles they visited with their fake account. In addition, they obtained their Facebook ID (a different sequence of numbers and letters assigned to each person), and with it they were able to identify every one of the accounts in the social network and access them.
If we take a look at Grindr, the findings are even more alarming. The research team amassed amounts of personal information of the different users they had visited with their fake account; from their birthdate to the distance between them and the owner of the last profile they viewed, through a complete record of all sent and received emails and their email account.
In light of the results, the authors warn us to be careful with the applications we choose for meeting people. They also recommend developers to add more strict security measures to prevent attacks, like the ones the researchers performed without many difficulties.
In addition, they claim that the cell phone is the cybercriminals’ main target: most users, regardless of their age and sex, have one. In them we store personal information which not even friends or family know.
This is not the first time a research questions Tinder’s security level. In 2013, another research team founded that is possible to know the longitude and latitude where a user is due to another vulnerability in the tool.
The post Tinder, the app where you can have your heart stolen, but also your information and your pictures appeared first on MediaCenter Panda Security.