Mobile dating apps lack encryption, leave daters vulnerable

Share this article:

Online daters might have to worry about more than just their hearts being stolen this Valentine's Day, after HP research showed that more than 90 percent of popular dating mobile apps it scanned sent out sensitive information, including purchasing information, unencrypted from phones.

According to Pew Research, one in ten Americans have used an online dating site like eHarmony, OKCupid, Zoosk, Grindr and eVow and 59 percent of Internet users agree “online dating is a good way to meet people.” But the HP research shows that they're flirting with having identifying information compromised.

When HP used Fortify-on-Demand to scan 12 popular dating sites, it found that all of them registered at least two privacy alerts, out of 11 scans. In addition, more than 70 percent asked for access to a user's geo-location which can be leaked if an app sends it out unencrypted to a third party that has not been authorized by the user. 

To improve security, dating sites must "simultaneously educate developers on how to create secure code easily [and] to integrate security checks into the development lifecycle," a spokesperson for HP told SCMagazine.com in a Valentine's Day email.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Four men charged with stealing Microsoft and U.S. Army trade secrets

Four men charged with stealing Microsoft and U.S. ...

The young men allegedly used SQL injection and stolen logins to gain access to systems at various companies and steal their intellectual property.

Google bumps maximum Chrome bug bounty reward to $15K

A high-quality report with a functional exploit for a sandbox escape will earn a bug hunter $15,000, according to the new reward amounts.

Survey: orgs adopt hybrid cloud environments despite security concerns

Survey: orgs adopt hybrid cloud environments despite security ...

Despite difficulties and concerns regarding security, more than 60 percent of respondents have adopted or plan to adopt a hybrid cloud environment.