Security firm Lookout scanned nearly 300,000 free applications for Apple’s iPhone and phones built around Google’s Android software. It found that many of them send sensitive information to third parties that can include advertisers and companies that analyze data on users.
Lookout found that nearly a quarter of the iPhone apps and almost half the Android apps contained software code that contained those capabilities.
The data can include full details about user’s contacts, pictures, text messages, Internet and search histories.
The problem arises when the third party isn’t careful about securing the information, leaving the data vulnerable to hackers and identity theft.
Lookout executives said the code had been written by the third parties and inserted into the applications by the developers, usually for a specific purpose, such as allowing the applications to run ads. But the code winds up forcing the application to collect more data on users than even the developers may realize.
"We found that not only users but developers as well don't know what's happening in their apps, even in their own apps, which is fascinating," Lookout CEO John Hering said.
Lookout also said that part of the problem is smartphones don't alert users to all the different types of data the applications running on them are collecting. IPhones only alert users when applications want to use their locations.
In addition, Lookout added, while Android phones offer warnings when applications are first installed, many people breeze through them for the gratification of using the apps quickly.