1. Remove all unused applications

This is the easiest suggestion to implement as its a 5 minute audit. Simply go through your phone and remove or uninstall every app they you do not use every day. You might be surprised by the number of apps that you did not even know was on your phone.

If you want to go extreme delete all your apps and then only reinstall apps as you use them. You will be surprised on the difference between daily use apps and rainy day apps. If you feel anxiety about this step do not worry. Most apps keep your data in the cloud, so when you reinstall them your progress most of the time is not lost. In the worst-case scenario I had to burn roaming data when there was no Wi-Fi around when reinstalling Uber that one occasion I got to travel.

2. Limit all permissions

Permissions are big access point for data harvesting. Most applications do not need many permissions to function.

The most permissions users for me were messaging applications because I use hourly to conduct calls and texts to connect with contacts. So their access to camera, microphone, contacts and media storage is most of the time necessary. An easy way to limit data harvesting even further is to make the application ask every time they want to use a permission. Limiting the times applications can use permissions is important.

Here is the screen grab of on an android where I audited permissions.

3. Limit Location access

Location is one of the hardest data harvesting access points to block in my opinion. This is because location settings can be taken from both location services on your mobile but also Sim and Network information from the device itself. Unfortunately its nearly impossible to go off grid with location in my opinion having seen the source code of many applications now. But here are a few screen shots of an android for Location Services that I audited.

4. Cycle or opt out of advertising ID

Both Android and iOS force apps to use a special "ad ID" for tracking smartphones as it is their way to try and anonymize the data at the operating system level. It also reduces the legal risk posed to Google and Apple when third parties conduct mass illegal data harvesting operations like seen in Cambridge Analytica or Zhenhua Data Leak.

This Ad ID though is replacing your phone number or account ID so if you keep it on it basically deanonymizes you over time. Resetting it or stopping it disrupts the tracking that apps were coordinating through your ad ID.

To do this follow these below steps

• For Andriod go to Settings > Privacy > Advanced > Ads and toggle on Opt out of Ads Personalization or Reset advertising ID. Android shows you the alpha-numeric ad ID at the bottom of this screen and when you initiate a reset you see it change.

• For iOS navigate to Settings > Privacy > Advertising and toggle on Limit Ad Tracking or Reset advertising ID.

Here is the screen shots on an android for ad ID that you should audit.

Malcore

This blog has been written as a result of all the data harvesting that has been shown in the app analysis project by Malcore Team.

Malcore’s Blog

Malcore Mobile App Analysis - Social Media & Communication

The Malcore team are releasing individual blog posts on each popular social media mobile applications. These are detailed individual blog posts that pull together the results of Malcore’s analysis per application. The social media industry analysis project shows us the relative Malcore risk score for each application. It is a comparative process where th…

Read more

2 years ago · Malcore Team

Try Malcore for Free!

First 5 scans are free on registration

Free Malcore Registration