Mobile dating apps lack encryption, leave daters vulnerable

Share this article:

Online daters might have to worry about more than just their hearts being stolen this Valentine's Day, after HP research showed that more than 90 percent of popular dating mobile apps it scanned sent out sensitive information, including purchasing information, unencrypted from phones.

According to Pew Research, one in ten Americans have used an online dating site like eHarmony, OKCupid, Zoosk, Grindr and eVow and 59 percent of Internet users agree “online dating is a good way to meet people.” But the HP research shows that they're flirting with having identifying information compromised.

When HP used Fortify-on-Demand to scan 12 popular dating sites, it found that all of them registered at least two privacy alerts, out of 11 scans. In addition, more than 70 percent asked for access to a user's geo-location which can be leaked if an app sends it out unencrypted to a third party that has not been authorized by the user. 

To improve security, dating sites must "simultaneously educate developers on how to create secure code easily [and] to integrate security checks into the development lifecycle," a spokesperson for HP told SCMagazine.com in a Valentine's Day email.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Company news: New hires at Accuvant, ZeroFox and ThreatStream

New hires at Accuvant, ZeroFOX and ThreatStream, while a divestiture at Juniper and an acquisition for BlackBerry.

News briefs: The latest on Sony, Android, Backoff malware and more.

News briefs: The latest on Sony, Android, Backoff ...

This month's news briefs cover a preliminary settlement Sony will bear for the exposure of 77 million customers, and more.

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.