Exact matches only
Search in title
Search in content
Search in comments
Search in excerpt
Search in posts
Search in pages
Search in groups
Search in users
Search in forums
Filter by Categories
Banking Security
Cyber Attacks
Cyber Defence
Cyber War
Cybersecurity jobs
Data Privacy
IT Governance
List of Archives
Mobile Security
Security Awareness
Security Events and Seminars
Security Reports
Security Risk
Web Defacement
Wordpress Vulnerability
Pokemon game raises cyber security concerns

The wildly popular Pokémon Go smartphone app, in which players move around in the real world in order to catch virtual “pocket monsters,” has created safety and security concerns in both the real and cyber universes.

With virtual places in the game superimposed over real places, it is also causing issues of people trespassing on private property or accessing public areas, like local parks, at times when visitors are not permitted.

Other concerns about the the game’s “augmented reality” include distracted players trespassing on private property or wandering into dangerous situations while looking for pokéstops and gyms — places where gamers can collect needed items and train their Pokémon.
The game’s developer also has had to respond to concerns about its access to user Google accounts.

Developer Niantic doesn’t allow players to just create a username to play. Instead, users must sign in with an existing account from one of two services — Pokémon.com or Google.
With the huge popularity of the game, however, the Pokémon website isn’t processing new accounts.

“Pretty much you had to use your Google account,” said Nick Paras, CEO of cyber security firm Alpha Computing Solutions in Florida. That originally gave Niantic full access to accounts, something most other games don’t require.

Full access means Niantic can read your email, send email as you, access your documents on Google Drive, and look at your search and map navigation histories.
Google settings actually warn users against granting full access, saying it “should only be granted to applications you fully trust.”

Several news sources are reporting Pokémon Go creator Niantic has pushed through an iOS app update that corrects the full access error.

With the update, Niantic is only requesting access to basic account information, such as a user’s name and Gmail address.

The Wall Street Journal reports that iPhone users should log out of the app and download the update. Then, log back in with their Google account to see the scaled-back permissions.
The app’s authorization under Google settings should say, “Has access to basic account info.”

Protecting data

Cyber security experts said it’s not unusual for an app to collect as much information about users as possible so they can sell that data to marketers.

“If you’re not paying for it, you’re the product,” said David Salisbury, professor of information systems at the University of Dayton.

Users should look for requests that seem unnecessary for the app to function, Paras said, like a flashlight app that requests location data.

“There’s absolutely no need for that,” he said, so reading each privacy policy is key.
Pokémon Go’s policy says it collects information such as email addresses, date of birth, IP address, browser type, the web page a user was visiting before accessing the game and more.
The game also collects and stores location information from the player’s GPS while they use the app.

That’s typical of location-based apps, Salisbury said, because companies want to sell you products based on where you go.

Some local players said they’re OK with the full Google access because it’s worth it to play.

“It’s kind of an invasion of privacy but as long as they don’t give my information out to anybody I don’t see an issue with it,” said Griffin Goetz, 18.

Personal safety

Players said the game isn’t dangerous as long as people use common sense.

“I walked a lot with a friend,” said Leslie Klein, of West Chester, who was playing at a Dayton area shopping center Tuesday. “You just kinda have to watch what you’re doing. Whether your nose is in your phone or not.”

Source: http://www.journal-news.com/news/news/local/pokemon-game-raises-cyber-security-concerns/nry4D/