Are the Ride and Food Sharing Apps Privacy-aware in Bangladesh? Investigating Android Permissions Usage

2022 International Conference on Advancement in Electrical and Electronic Engineering (ICAEEE) Pub Date : 2022-02-24 DOI:10.1109/icaeee54957.2022.9836460

Ishorju Agnes Botlero, Merina Tanjin, Mourina Tasnim Hridita, Md. Mehedi Hassan Onik

{"title":"Are the Ride and Food Sharing Apps Privacy-aware in Bangladesh? Investigating Android Permissions Usage","authors":"Ishorju Agnes Botlero, Merina Tanjin, Mourina Tasnim Hridita, Md. Mehedi Hassan Onik","doi":"10.1109/icaeee54957.2022.9836460","DOIUrl":null,"url":null,"abstract":"An android application (Apps) can only access sensitive user information once it gets the user's consent via the ‘android permission system’. Permissions determine how much Personally Identifiable Information (PII) Apps can access and how harmful Apps can be. However, it is often noticed that android Apps developers often gather irrelevant information, directly conflicting with the Apps sole purpose. Consequently, willingly and unwillingly, users are often allowing permissions and putting their privacy at stake. This study investigates and compares whether the same purpose android Apps asking identical permissions or not. For investigation, this work explores widely used food-sharing and ride-sharing Apps from Bangladesh. Twenty (20) such Apps, including Foodpanda, Pathao, Uber, HungryNaki, Obhai were installed followed by a thorough inspection based on their purposes. In addition, this study also considers context-aware user information prioritization and ranks the considered Apps accordingly. This work finds that Android Apps collect more information than needed, although their purpose was identical. On top of that, popular Apps with more downloads and higher rankings tend to collect large-scale irrelevant permissions.","PeriodicalId":383872,"journal":{"name":"2022 International Conference on Advancement in Electrical and Electronic Engineering (ICAEEE)","volume":"3 1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-02-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Advancement in Electrical and Electronic Engineering (ICAEEE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/icaeee54957.2022.9836460","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

An android application (Apps) can only access sensitive user information once it gets the user's consent via the ‘android permission system’. Permissions determine how much Personally Identifiable Information (PII) Apps can access and how harmful Apps can be. However, it is often noticed that android Apps developers often gather irrelevant information, directly conflicting with the Apps sole purpose. Consequently, willingly and unwillingly, users are often allowing permissions and putting their privacy at stake. This study investigates and compares whether the same purpose android Apps asking identical permissions or not. For investigation, this work explores widely used food-sharing and ride-sharing Apps from Bangladesh. Twenty (20) such Apps, including Foodpanda, Pathao, Uber, HungryNaki, Obhai were installed followed by a thorough inspection based on their purposes. In addition, this study also considers context-aware user information prioritization and ranks the considered Apps accordingly. This work finds that Android Apps collect more information than needed, although their purpose was identical. On top of that, popular Apps with more downloads and higher rankings tend to collect large-scale irrelevant permissions.

查看原文本刊更多论文

在孟加拉国，拼车和食物共享应用程序有隐私意识吗?调查Android权限使用情况

android应用程序(Apps)只有在通过“android权限系统”获得用户同意后才能访问敏感用户信息。权限决定了应用程序可以访问多少个人身份信息(PII)以及应用程序的危害程度。然而，人们经常注意到，android应用程序开发人员经常收集不相关的信息，直接与应用程序的唯一目的相冲突。因此，无论是否愿意，用户经常允许权限，并将自己的隐私置于危险之中。本研究调查并比较了相同目的的android应用程序是否要求相同的权限。为了进行调查，本作品探索了孟加拉国广泛使用的食物共享和拼车应用程序。安装了二十(20)个此类应用程序，包括Foodpanda、Pathao、Uber、HungryNaki、Obhai，然后根据其用途进行了彻底检查。此外，本研究还考虑了上下文感知的用户信息优先级，并相应地对所考虑的应用程序进行排名。这项研究发现，Android应用程序收集的信息比需要的要多，尽管它们的目的是相同的。最重要的是，拥有更多下载量和更高排名的热门应用往往会收集大量无关权限。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2022 International Conference on Advancement in Electrical and Electronic Engineering (ICAEEE)

自引率

0.00%

发文量