Health and fitness

Mobile fitness apps pose serious privacy risks

Емилия Найденова

17.06.2025 • 14:01

1952 прегледа

0 коментара

Mobile fitness apps pose serious privacy risks — Снимка от Pexels

New scientific research reveals numerous vulnerabilities in popular Android fitness applications, including inadequate encryption, excessive communication with third parties, and the potential for theft of personal data. The authors call for stricter control and adherence to modern security standards to restore user trust.

Scientists from leading universities conducted a thorough analysis of ten of the most used Android fitness applications, which have a total of 237 million installations. Through static and dynamic review of the code and server communication, they revealed numerous alarming practices that threaten the privacy of user data.

Some of the discovered vulnerabilities include embedding API keys directly in the applications, using inadequate encryption (such as AES in ECB mode), as well as excessive communication with over 230 different third-party domains. This significantly increases the risks of tracking activity and leaking personal information, including health parameters and workout data.

The authors of the study categorically conclude that without constant security checks and compliance with modern standards, user trust in mobile health applications can quickly crumble. They recommend limiting the permissions granted and selecting only applications with a proven safe backend.

Емилия Найденова

Автор на тази статия

Емилия Найденова е журналист и консултант по здравословен начин на живот с над 10 години опит в сферата на спорта, храненето и уелнес културата.

Завършила е специалност „Рехабилитация и кинезитерапия“, а след това се посвещава на писането и популяризирането на съвременни и достъпни решения за по-добро здраве.

В личния си блог и социалните мрежи споделя тренировки, рецепти и вдъхновения за активен живот.