Privacy Report Card for Online Solutions Targeting Seniors
Organization
Concordia University
Published
2022
Project leader(s)
Mohammad Mannan and Amr Youssef
Summary
Like other segments of the population, elderly people are also rapidly adopting the use of various mobile apps, and numerous apps are being developed that focus exclusively on their specific needs. Mobile apps help the elderly improve their daily lives and increase their connectivity. They also help caregivers and family members monitor the well-being and health-related activities of their loved ones.
However, while these apps are very useful, they also operate using significant amounts of sensitive and private data, such as healthcare reports, live location, and the personally identifiable information of elderly people and caregivers. Although privacy and security issues in mobile applications for the general population have been analyzed widely, limited work on elderly-focused apps has been done. This research project sheds light on the privacy and security issues in mobile apps intended for elderly users, using a combination of dynamic and static analysis on 146 popular Android apps from the Google Play Store.
To better understand some of these apps, the researchers also test their corresponding Internet of Things devices. Their analysis uncovers numerous security and privacy issues, leading to a breach of private information and allowing adversaries to access user data. The researchers found that 95 of 146 apps fail to adequately preserve the security and privacy of their users in one or more ways; specifically, 15 apps allow full account takeover, and 9 have an improper input validation check.
The researchers hope their study will raise awareness about the security and privacy risks introduced by these apps and direct the attention of developers to strengthening their defensive measures.
Project deliverables are available in the following language(s)
English
- English (HTML document)
OPC-funded project
This project received funding support through the Office of the Privacy Commissioner of Canada’s Contributions Program. The opinions expressed in the summary and report(s) are those of the authors only and do not necessarily reflect those of the Office of the Privacy Commissioner of Canada. Summaries have been provided by the project authors. Please note that the projects appear in their language of origin.
Contact information
Principal Investigator: Dr. Mohammad Mannan
Phone: 1-514-848-2424, ext. 8972
Email: Dr. Mohammad Mannan
Researcher: Dr. Amr Yousef
Phone: 1-514-848-2424, ext. 5441
Email: Dr. Amr Yousef
Concordia University
1455 De Maisonneuve Blvd. West
Montreal, Quebec H3G 1M8
- Date modified: