These applications may be placing the private information of their users at risk of exposure.
A recent study analyzing the dating app security in some of the most popular applications has found some serious vulnerabilities. Kapersky labs conducted the research and has found that many of these mobile apps are not adequately protecting the private information of their users.
The research found the mobile apps leave users vulnerable to hackers who can potentially identify the users.
The lack of dating app security could then allow the hackers to steal the personal information of those users. This failure to protect app users is leaving them open to attacks from criminals who could find out information about their social media profiles or could even use geolocation technology to track their movements throughout the real world. That could leave their homes, vehicles or even their own persons in direct risk.
Kapersky Labs’s study pointed to the token based authentication process as one of the main sources of security risk in the dating apps. That authentication process is what many applications use during the new user registration process.
The dating app security issues begin from the moment a user registers to use the application.
When a new user registers to use one of those dating applications, a token is created by the request. This makes it possible to identify that unique user. This usually occurs in the form of requesting access to a Facebook account. From there, the app receives access to basic general information such as the user’s email address, first and last names and his or her profile picture. In this way, the dating application can authenticate the user through its own servers based on the social media data confirmation.
Unfortunately, the tokens are typically used or stored insecurely. The Kapersky Lab research discovered that the tokens are easy for criminals to steal. With their digital hands on the tokens, the criminals can obtain access to victims’ dating app accounts without requiring either login or password credentials.
Furthermore, the low dating app security places the user message histories at risk. This was particularly true for Android users whose devices were operating on outdated software. That software may contain vulnerabilities that open the devices to attackers who could gain root access. That would make it possible for a criminal to look at photos the user has viewed and read the messages the user has read within their dating applications.
