Having only been released on July 6th, Pokemon GO has put mobile app gaming enthusiasts into a haze of augmented reality, and its users at certain risk of data and personal identity theft. How is this possible? When signing up with Niantic Labs to download the app, people are asked to link their Google accounts with their Niantic account. This has allowed the company that wields the Pokemon GO app a dangerous amount of access to their customers’ personal information such as their Gmail accounts and everything in it. A spokesperson for Niantic has denied that they planned to gain such deep levels of access to their users’ Google accounts, saying they only collect “basic Google account information,” and attribute the deep levels of access as a “technical error with the app”. Niantic has vowed to fix the error.
But, until that occurs, are Pokemon GO gamers really safe?
Safety and Security Issues
There are other issues with the current gaming craze. Physical safety issues, occurrences of trespassing on “hallowed ground” such as the 9/11 memorial and Holocaust Museum, and people who cannot stop playing the addictive game are other reasons besides the cybersecurity one raising eyebrows and alarm. Senator Al Franken, D-Minn. has raised concern, writing an open letter to Niantic CEO John Hanke, asking for more clarity on security concerns with the gaming app. Noting in the letter that the gaming app has been downloaded more than 7.5 million times, he voiced concern “about the extent to which Niantic may be unnecessarily collecting, using, and sharing a wide range of users’ personal information without their appropriate consent.”Personal privacy is another issue, Sen. Franken citing the fact that the game uses GPS technology to track users’ every step. Sen. Franken has asked for a response from Hanke by August 12th.
Evidence of Risk
Even though John Hanke and Niantic Labs are downplaying the risks involved with signing up for the Pokemon GO app, it sounds like a classic PR damage control move. On the other hand, with Niantic now on the hot seat, it seems unlikely that they would put themselves at risk of cybertheft charges when trying to make a serious name for themselves in the gaming industry. Still, we live in an age of corporate sleight-of-hand, where data can be furtively expropriated, emails and other data can be conveniently deleted, and people can look into cameras, smile, and lie. In short, no one can be 100% sure they aren’t compromised online when giving over personal data to giants like Google and their third-party affiliates.
Downgrading Google Account Permissions
Niantic has assured the public at this point that they have the option, when signing up to join the augmented reality craze, ofdowngrading their Google Account permissions–allowing, in effect, only superficial details like name, country, phone number, etc. The company has assured Pokemon GO fans that they cannot be forced to give over personal data that would put them in a compromising position. Still, cyber safety pundits like Adam Reeve argue that when logging into Google on iOS to play the game, users’ sensitive data can be easily read by Niantic, noting that “Pokemon Go has full access to your Google account”. But, most gamers probably blissfully shrug it off by saying, “So what? Google already knows everything anyway,” and skip along the war memorial path to capture more fake creatures.
IT Security Pros
If you have questions or concerns about keeping your online data safe and secure when using gaming apps like Pokemon GO, you need the counsel of IT professionals who understand the risks and what’s required to safeguard you from them. 403Tech Inc is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (403) 215-7506 or send us an email at [email protected] for more information.