The recent launch of Pokémon GO—a popular augmented reality game and mobile app that connects with a user’s Google account—has sparked a larger conversation about mobile app permissions and social media connectivity. This is largely due to the fact that, in an early version of the game, Pokémon GO had full access to a user’s Google accounts, unbeknownst to most users.
Similar mobile apps that link to social media platforms like Facebook, LinkedIn and Twitter are common, as they offer an easy way for users to register, post updates and connect with others. This permissions process is typically referred to as “oauth,” and essentially allows for easy third-party authorization through an open framework, either via the web or through mobile apps.
The problem is, however, that these types of app permissions have become commonplace to the point where users no longer consider what information they are sharing across various applications. Oftentimes, it’s not clear what kinds of information is gathered through “oauth”.
To compound the issue, in most cases, users are not given the option pick and choose what information they’d like to publish or share once two apps are connected. As such, in the event that an app is hacked, malicious parties could have full access to a slew of personal information.
To protect themselves, professionals recommend that users review their app permissions at least once a month. Instructions on how to do this for each social media application can be found here.
© Zywave, Inc. All rights reserved