Indian Android Smartphone Users Too At Data Theft Risk

NEW DELHI: News that security firm Kryptowire identified a "backdoor" spyware in Android smartphones in the US which collected sensitive personal data and transmitted it to servers in China has shaken cybersecurity experts in India -- a country where one in five smartphones are of Chinese make.

Jump-started by the US Defense Advanced Research Projects Agency (DARPA) and the Department of Homeland Security (DHS), Kryptowire last week revealed that these Android devices were available through major US-based online retailers like Amazon and BestBuy and included popular smartphones such as BLU R1 HD devices.

The devices actively transmitted user and device information including text messages, contact lists, call history with full telephone numbers, and unique device identifiers to third-party servers in China without user-consent, Kryptowire claimed.

Shanghai Adups Technology Co Ltd, the Chinese company behind the spyware -- or firmware -- later admitted that it planted them in some Android phones "by mistake" but the "text messages, contacts or phone logs" were not shared with anyone else.

The revelation has raised security and privacy concerns in India. There are nearly 250 million unique smartphone users in the country and by the end of the year, there will be 280 million Indians with these devices.

"Nearly 94 per cent of these people are using Android devices and Chinese smartphone users are at roughly 60 million, which means one out of five smartphone users in India is using a 'Made in China' device. Thus, security becomes a paramount concern here," Tarun Pathak, Senior Analyst, Mobile Devices and Ecosystems at New Delhi-based Counterpoint Research, told IANS.

With digital consumption on the rise, the security risk is growing multifold.

"Indian smartphone users are at the same risk as users in the US when it comes to sensitive personal data and information being copied from phones and transmitted to undisclosed locations without their consent or knowledge. This is owing to the security vulnerabilities that exist in the Android system," explained Pavan Duggal, one of the nation's top cyber law experts.

Android is a very fertile platform with a large number of contaminants and infections. Hundreds of thousands of infections have been discovered on the Android platform in the last few years.

According to Rahul Tyagi, Vice President (Training) at IT risk assessment and digital security services provider Lucideus, Indian users share the same threat as China continues to be a major exporter of smartphones.

"Given the current market, there are a lot of new phone companies/models being launched every day with advanced features at a low price, most of them being manufactured in China -- which may put user-privacy at great risk," Tyagi told IANS.

Owing to the competition, companies are trying to give the best hardware experience to consumers but what is lacking is proper security auditing in their custom-operating systems and firmware.

Read Also:
Switzerland to Share Bank Account Details from September 2018
Bill To Ban Commercial Surrogacy Introduced In Lok Sabha