Learning and Finance | Joanne Wise – Pokemon Go: The game collects settings from users’ phones, including Global Positioning System and the local time, to detect where and when they are active in the game.
Adam Reeve, principal architect of security firm Red Owl, however, found that Pokemon Go required overly broad permission for those using a Google account as a sign-in. When clicked, this leads to a website with very vague information, with Google saying it has access and the ability to modify “nearly all information” in an account.
Media reports over the weekend highlighted that Niantic pushes users to sign up for the app by linking it to their Google account. One must be careful while giving permissions to certain apps and must give access to the one they trust and are on their computer, personal phones or tablets.
Pokemon Go takes full access when used with a Google account.
Reeve added he only assessed his hypotheses with what Google meant with “full account access”.
To reduce the game’s access to your Google account, simply download the update from the App Store, which has resolved other issues with the game as well.
“It seems to have been done by mistake”, claimed mobile security expert Domingo Guerra. But Franken wants to be extra sure that Pokemon Go is not exploiting its users’ privacy.
Franken, who sits on the Senate subcommittee on privacy, technology, and the law, accused the company of collecting users’ information and potentially sharing it with third-party service providers.
A lot of people voiced their concerns about Pokémon Go’s intrusive permissions requests which, if granted, would allow Niantic to access every bit of your Google identity.
Read the original article on Learning and Finance here.