Your medical information is probably being leaked online via insecure Android apps


android-medical If you were to go to a doctor right now and get treated or just get a prescription for what might be ailing you, all that happens between you and your doctor is actually privileged information. Your doctor would have no right to share the information with other parties unless through legal coercion. Well, while it isn’t quite the same, applications installed on your Android device, have access to basic security countermeasures since you, the user authorized them to.

Here comes the dangerous part, since you authorized the apps to have access to almost every bit of information on your phone, there’s no telling what the apps do with all that information. Two medical apps, the iPharmacy Drug Guide & Pill ID app are applications which should be used with caution.

Appthority reports that the iPharmacy app has quite a number of loopholes that are quite dangerous and can be exploited with ease. Appthority Chief Architect and Co-Founder Kevin Watkins had this to say about the application.

For an app that has earned a top developer award from Google Play, [we] found it to be one of the top offenders when it comes to risky privacy behaviors for apps in the health or medical category

For example, your username and password are only encoded with a common encoding scheme, which regarding the sensitivity of the information should be more advanced and a bit harder to crack.To add salt to festering injury (no pun intended) your searches for drugs on the app are sent over the network, along with your user info, without any encryption at all.

iPharmacy also sends out your personal info to three different ad networks (and yes nobody likes in-app ads). When i say personal information here,i am talking about your exact Geo-location(with pin-point accuracy),your precious androids IMEI number, the WI-Fi access points currently in use (and used in the past),your wireless carrier,the exact model of your phone and also includes the list of all the apps on your device (yes, even the Mikandi app n your phone).

All your activities within the app are also tracked by Google Analytics and UrbanAirship. Appthority also found out that the app’s privacy policy states many claims which seem to be false (patent wise). Case and point being, the app says that it will not collect data on users under the age of 18, yet the iPharmacy app does not have an age verification procedure. The privacy policy also states that it does collect non-personal information,but does not state the extent to which it gathers information.

android-spy-app-m-spyA hacker can intercept information with your data,and use that data to his advantage.Data such as what drugs your prescribed to,past searches and historical data.

You can imagine someone at a cafe being able to spot the [iPharmacy user] searching for specific pharmacy drugs by using the Geo-location being sent by the app, pinpointing their general location, and looking for someone with a specific device model.

Be very careful about the apps you install,they might cost you a lot more than the Trojans and malware you’ve been trying to avoid,since you gave the app full access,remember?