Mobile dating apps lack encryption, leave daters vulnerable

Share this article:

Online daters might have to worry about more than just their hearts being stolen this Valentine's Day, after HP research showed that more than 90 percent of popular dating mobile apps it scanned sent out sensitive information, including purchasing information, unencrypted from phones.

According to Pew Research, one in ten Americans have used an online dating site like eHarmony, OKCupid, Zoosk, Grindr and eVow and 59 percent of Internet users agree “online dating is a good way to meet people.” But the HP research shows that they're flirting with having identifying information compromised.

When HP used Fortify-on-Demand to scan 12 popular dating sites, it found that all of them registered at least two privacy alerts, out of 11 scans. In addition, more than 70 percent asked for access to a user's geo-location which can be leaked if an app sends it out unencrypted to a third party that has not been authorized by the user. 

To improve security, dating sites must "simultaneously educate developers on how to create secure code easily [and] to integrate security checks into the development lifecycle," a spokesperson for HP told SCMagazine.com in a Valentine's Day email.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.