A risk assessment study of children privacy of the mobile apps

Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications, 2016

One aspect of privacy that has not been well explored is privacy for children. We present the design and evaluation of a machine learning model for predicting whether a mobile app is designed for children, which is an important step in helping to enforce the Children's Online Privacy Protection Act (COPPA). We evaluated our model on 1,728 apps from Google Play and achieved 95% accuracy. We also applied our model on a set of nearly 1 million free apps from Google Play, and identified almost 68,000 apps for kids. We then conducted a privacy analysis of the usage of third-party libraries for each app, which can help us understand some of the app's privacy-related behaviors. We believe this list can serve as a good start point for further fine-grained privacy analysis on mobile apps for children.

2021

Security and privacy of mobile users could also be a topic of primary importance, given the widespread and growing use of connected smartphones, the great amount of personal data which is able to leak, and thus the shortage of proper controlled environments within the present mobile scenario (for instance, mobile apps and their handling of permissions). During this paper we specialize in a crucial a vicinity of this scenario: usage of mobile by teenagers. We preliminarily report on an ongoing study that for the first time analyzes truth potential risks that children face when using their smartphones. The foremost novelty is to travel beyond the use of questionnaires, which are a typical and handy tool but that introduce bias within the analysis and are limited with regard to the amount of data they're going to collect. Instead we collect data employing a parental control approach: with prior consent of the parents, the smartphones of underage children are controlled and analyzed...

This study aims to empirically examine the reality that a child's personal information can be easily exposed through an app service. As a result of surveying 100 child-targeted apps in the Apple and Google Play App Stores, we collected on average 12 personal information of individuals that included social security numbers and location information that were not collected and clarified for the purpose of collection.

Central and Eastern European e|Dem and e|Gov Days 2020, 2020

Parents nowadays are facing with the fact that their children are using apps like TikTok or Instagram, and have the same question as millions of other dads and moms: how can they protect their beloved from the dark side of internet? Most parents are anxiou nor turn to their parents for advices to protect themselves. There are two options: parental control and educational software. For the first one, there are nearly 140 software for parents. Mostly they offer the same: filtering, banning, spying. These solutions are not just ineffective, because the kids can circumvent the solutions, but usually deepen the issue between the teenagers and their parents. The latter one is too generic, and do not provide hands-on tips. Mongu for Teen is an educational app designed for 9-13-year-old kids and their parents that gives a solution for this problem. In our aims to protect them and as a case study, our experiences how a developer should follow this privacy regulation and how effective can be an eduware to improve the privacy awareness of digital families.

Sensors

Under the Internet of Things paradigm, the emergence and use of a wide variety of connected devices and personalized telematics services have proliferated recently. As a result, along with the penetration of these devices in our daily lives, the users’ security and privacy have been compromised due to some weaknesses in connected devices and underlying applications. This article focuses on analyzing the security and privacy of such devices to promote safe Internet use, especially by young people. First, the connected devices most used by the target group are classified, and an exhaustive analysis of the vulnerabilities that concern the user is performed. As a result, a set of differentiated security and privacy issues existing in the devices is identified. The study reveals that many of these vulnerabilities are related to the fact that device manufacturers often prioritize functionalities and services, leaving security aspects in the background. These companies even exploit the dat...

In the last decades, the number of mobile devices has grown continuosly. The result of this process is that, currently, the number of mobile phones in western countries exceeds the population size. Also their hardware equipment and the computational capabilities have followed a similar evolution. In fact, most modern mobile phones have embedded cameras and typically very good connectivity support, because they are able to connect to the Internet through the mobile operator network or wireless networks, and to communicate directly with other devices through a Bluetooth interface. Consequently, the gap between personal computers and smart phones has been constantly reduced in time. Moreover, mobile devices such as smart phones or Personal Digital Assistants (PDAs) are powerful enough to run applications that are comparable to those running on normal PCs. Hence, users exploit their mobile phones for many tasks, such as browsing the Internet, reading and writing e-mails, exchanging data (photos, contacts, files, etc) with other devices, and so on. Clearly, these operations involve new vulnerabilities and new threats to the users' privacy. A further issue concerns mobile devices users. Indeed, mobile phones are widespread among young people and minors. In general there are few or even no guarantees about the fact that they will use their device in an harmless way. For instance, they could access (e.g. receiving messages or browsing the web) contents that are not appropriate for their age. The filters that could be provided by the mobile telco operators are not enough to prevent the minors from receiving such material, because these filters can only inspect data sent on the telco network and they have no control on direct connections (e.g. Bluetooth).

Annual Computer Security Applications Conference, 2020

For parents of young children and adolescents, the digital age has introduced many new challenges, including excessive screen time, inappropriate online content, cyber predators, and cyberbullying. To address these challenges, many parents rely on numerous parental control solutions on different platforms, including parental control network devices (e.g., WiFi routers) and software applications on mobile devices and laptops. While these parental control solutions may help digital parenting, they may also introduce serious security and privacy risks to children and parents, due to their elevated privileges and having access to a significant amount of privacy-sensitive data. In this paper, we present an experimental framework for systematically evaluating security and privacy issues in parental control software and hardware solutions. Using the developed framework, we provide the first comprehensive study of parental control tools on multiple platforms including network devices, Windows applications, Chrome extensions and Android apps. Our analysis uncovers pervasive security and privacy issues that can lead to leakage of private information, and/or allow an adversary to fully control the parental control solution, and thereby may directly aid cyberbullying and cyber predators. CCS CONCEPTS • Security and privacy → Systems security.

International conference KNOWLEDGE-BASED ORGANIZATION, 2019

Over the last years, there has been a real revolution of mobile devices, which has effectively translated into the exponential increase in internet access rates on a mobile device as opposed to accessing it on desktop systems. Given the growing importance of smartphones, it is important to assess the privacy and security risks of these devices in order to mitigate them. However, as we know, in modern mobile security architecture, applications represent the most critical elements. In this paper we review common mobile applications flaws involving network communications, data storage, user input handling and also exploring a number of vulnerabilities. While apps provide amazing features and benefits for users, they also represent the main attraction for cyber criminals. In order to have a true picture of the mobile security threat spectrum, this article presents the means of how mobile applications can impact systems security, stability and compromise personal data if they`re not handled properly.

2019

Zenodo (CERN European Organization for Nuclear Research), 2023

In the last few years, there has been a significant increase in smartphone usage among children. Within this topic one development stands out: children are having their first phone at a younger age. It is important for smartphone users to realize what kind of information is on their phone and what possible risk they face when the data becomes accessible to external threats. This research looks into how privacy aware childrens are between the age of seven and twelve of the privacy risks related to smartphone usage, and what influence parental mediation has to the privacy awareness. This paper will focus on two of the most significant risks related to smartphones and children, 1) Data consent , 2) Data Legitimacy. The insights of this paper indicate that children between the age of seven and twelve have insufficient knowledge about these risks.