Phone Data Security at Your Fingertips

Researchers from New York University and Michigan State University say the key to phone data vulnerability is at your fingertips. Biometrics, namely fingerprints, are a common means of user authentication. But, is it as secure as it appears to be? In a study published in IEEE Transactions on Information Forensics and Security, researchers considered the possibility of hackers creating a set of synthetic or real “Master Fingerprints” able to log into a high rate of devices.

Smartphones’ sensor for collecting fingerprint data is too tiny to accommodate the whole print. So, users are prompted to give multiple impressions of the same finger when setting it up. A user is prompted to give [...]

Share

DAA’s Mobile Privacy Rules

This article discusses the Digital Advertising Alliance’s (DAA) mobile privacy guidelines. These new standards will address targeting ads based on information collected across apps, and will allow consumers to opt [...]

Share

Location Data is Not Constitutionally Protected

According to a report early September, US feds declared that mobile phone location data was unfortunately not constitutionally-protected. The Obama administration declared to the US federal court that the public has “no reasonable expectation of privacy,” as far as mobile phone location data is concerned. This means that the authorities may obtain data regarding an individuals’ movements from wireless carriers without a probable-cause [...]

Share

Location-Aware Mobile Social Network Systems

This article takes a look at location-aware mobile social networks (LAMSNs) and the privacy and security concerns inherent in these environments. The article examines three classes of privacy and security problems associated with mobile social network systems: 1) Direct anonymity issues; 2) Indirect or K-anonymity issues; and 3) Eavesdropping, spoofing, replay and wormhole [...]

Share

Meaningful Privacy Protections for Mobile Services

Mobile environments present unique threats and challenges to privacy and security. This article takes a look at two main types of threats in such environments: signal interception and access to user information. It then examines four important recommendations made by EPIC to the mobile industry regarding the current state of privacy protection approaches. These recommendations are: 1) A notice-based privacy regime provides inadequate protection for consumers; 2) Privacy labels or icons suffer from many of the same flaws as traditional privacy notices; 3) The FTC’s conception of disclosure should include transparency, access and correction, in addition to notice; and 4) Explore the connection between disclosure and a broader regime of privacy [...]

Share