Mobile dating apps lack encryption, leave daters vulnerable

Share this article:

Online daters might have to worry about more than just their hearts being stolen this Valentine's Day, after HP research showed that more than 90 percent of popular dating mobile apps it scanned sent out sensitive information, including purchasing information, unencrypted from phones.

According to Pew Research, one in ten Americans have used an online dating site like eHarmony, OKCupid, Zoosk, Grindr and eVow and 59 percent of Internet users agree “online dating is a good way to meet people.” But the HP research shows that they're flirting with having identifying information compromised.

When HP used Fortify-on-Demand to scan 12 popular dating sites, it found that all of them registered at least two privacy alerts, out of 11 scans. In addition, more than 70 percent asked for access to a user's geo-location which can be leaked if an app sends it out unencrypted to a third party that has not been authorized by the user. 

To improve security, dating sites must "simultaneously educate developers on how to create secure code easily [and] to integrate security checks into the development lifecycle," a spokesperson for HP told SCMagazine.com in a Valentine's Day email.

Share this article:

Sign up to our newsletters

More in News

Five schools earn NSA's excellence in cyber ops distinction

The schools earned NSA's Centers for Academic Excellence designation for their cyber offerings.

With RATs at their disposal, 419 scammers target businesses

With RATs at their disposal, 419 scammers target ...

A new report reveals how Nigeria's 419 scammers are spreading malware to pocket business funds.

InfoSec pros worried BYOD ushers in security exploits, survey says

InfoSec pros worried BYOD ushers in security exploits, ...

A study by the Information Security Community on LinkedIn found most organizations don't have proper polices and support for BYOD.