Cross-platform privacy leaks in apps

OData support
Dr. Biczók Gergely
Department of Networked Systems and Services

Nowadays, with the rapid development of technology and the increasingly widespread use of the Internet, people are more and more concerned about their privacy. We can hear news more often about the abuse of users’ personal data and its consequences.

For example, the Facebook–Cambridge Analytica data scandal, where Cambridge Analytica gathered data from 50 million users, then developed a software that profiled these citizens to predict voting patterns – and, through micro-targeted ads, influence US citizens’ voting decisions.

This has long been a problem but the new European Data Protection Regulation (GDPR), will be in force shortly and it will bring serious changes in personal data storage and management.

We do not even think about how many different platforms we use daily and how much personal data we make accessible. There are almost no people who do not have a Google or Facebook account, do not use a smartphone, or do not store their files in a cloud.

In most cases, developers have the opportunity to create applications for a variety of platforms. These are called cross-platform applications. Through different platforms, a huge sort of different data can be collected from users.

By arranging these data, a profile from the user can be created. Through the different platforms with only few permissions a huge profile can be built, almost unnoticed. This profile can be used for personalized ads, but illegal trade with data can also be profitable.

In my thesis, I would like to draw attention to the dangers behind the cross-platform applications. I would like to present some of the findings of the research related to this topic and provide an overview of how much data can be collected nearly unnoticed across platforms.

After that, I collect applications from different real platforms, such as Android, Windows or Facebook, and search for potentially profiling developers and apps.


Please sign in to download the files of this thesis.