Not just Google, even free apps on Android and Apple’s iOS are tracking you

We have a number of mobile apps on our smartphones, but how many times do we check what data these apps are gathering and if they really need to access so much? Earlier this week, Google was found to be tracking its users even after disabling location services. Now, a new report reveals that a number of top applications on Google Play store and Apple's App Store access your location data and other critical information.

Norton by Symantec on Friday released a new research on mobile app privacy and fraudulent apps on Google's Play Store. "While we're all eager to click "accept" and "next" when we download a new app, we really should take the time to understand what information we are sharing, how it's being used, and if the app developer is protecting our privacy," says the company in a note.

"One such example is an Android flashlight app that has more than 10 million downloads, and requests access to users' calls, messages, camera, etc. Do you really want to give that app developer access to such personal information just so you could use a flashlight? Probably not."

A study of the top 100 free applications on Google Play and Apple App Stores came up with many applications that request risky permissions or more-than-necessary access to personal data.

According to the report, 45% of the most popular Android apps and 25% of the most popular iOS apps request location tracking. About 46% of popular Android apps and 25% of popular iOS apps request access to a device's camera.

"Some Android apps even ask to access SMS messages (15 percent) and phone call logs (10 percent). Other apps employ very poor security and privacy practices, requesting risky permissions yet do not have any kind of privacy policy in place," the report said.

"Research found another developer, called Pinwheel, which published at least 40 identical fraudulent apps. Some of these apps were named after popular games and movies, including international hits like 13 Reasons Why and local favourites like Dhadak, Big Boss Season 2 Telegu & Tamil, Veeri Di Wedding, Tarek Mehetha etc. to entice users to install them," it added.

Adware and fraud apps on Google Play store
Norton researchers also discovered at least 68 fraudulent apps containing adware by five different developers on Google Play store.

"These apps promise one thing on the app description page but may not actually provide or perform the functionalities as described. Users who download these fraudulent apps end up only wasting time watching advertisements and not getting what they signed up for," the report added.

It also swung the spotlight on a developer called EpicOmegaApps, which had published 11 apps to entice users with features such as converting the user's phone into a mouse remote and unlocking SIM cards, among others. These apps come with complete app title, description and screenshots, making them appear legit.

"After users install the apps, they are subjected to a series of guided screens, with advertisements popping up at every single Next button pressed. However, despite the detailed descriptions for the apps, they provide none of the described functionalities," the report pointed out.