Dating apps tighten data security after KU Leuven discovers leaks

People with bad intentions can easily get hold of sensitive data and the exact locations of dating app users, new research from KU Leuven shows. Most apps have since made adjustments to better protect their users.

Researchers at KU Leuven have found among the 15 most popular dating apps that data is often too easily visible to others. Some data, such as name, age or place of residence, are often visible in the app (either mandatory or by choice of the user). However, the new research now shows that even data that should be invisible can easily be found via internet traffic between app and server.

Initially, the researchers made visible the data that the apps get from the servers about other users, which, according to the scientists, is not at all difficult for someone with some computer knowledge. In a second phase, they also actively modified that data traffic to see if it would reveal any additional data. “We only used the built-in functions of the apps, so we did not hack the servers, and we only worked with our self-created profiles, so we did not see any data from real users,” said researcher Karel Dhondt. 

The results were clear: all apps leaked personal and sensitive data, such as gender and sexual orientation, about other users. At Bumble, the researchers were able to see a user's age and gender preferences by adjusting the data traffic. Six of the 15 apps also leaked detailed location data, allowing the researchers to find out an almost exact location of the user.

“‘The risks are clear,” says researcher Victor Le Pochat. “The personal and sensitive data that we were able to expose by simple means is of golden value to people with bad intentions, who can be either acquaintances near you or complete strangers. Releasing personal data makes users vulnerable to online manipulation via phishing or identity theft. When you combine that with sensitive data such as sexual orientation and someone's location, it can lead to physical danger, such as stalking or assault, or even government prosecution, as has already happened in Egypt to lgbtq users.”

The researchers shared the results of their research with app makers. Most of them made the necessary adjustments to plug these leaks, including leaks of exact user locations. 

Earlier this week, a deadly shooting took place in Brussels that was believed to be the result of homophobic violence. The perpetrators allegedly tried to set a trap via Grindr. The dating app subsequently admonished its users to exercise caution.

 

#FlandersNewsService | Grindr app © Chris DELMAS / AFP

 

Get updates in your mailbox

By clicking "Subscribe" I confirm I have read and agree to the Privacy Policy.

About belganewsagency.eu

Belga News Agency delivers dependable, rapid and high-quality information 24 hours a day, 7 days a week, from Belgium and abroad to all Belgian media. The information covers all sectors, from politics, economics and finance to social affairs, sports and culture, not to mention entertainment and lifestyle.

Every day, our journalists and press photographers produce hundreds of photos and news stories, dozens of online information items, plus audio and video bulletins, all in both national languages. Since the end of March 2022 English has been added as a language.

For public institutions, businesses and various organisations that need reliable information, Belga News Agency also offers a comprehensive range of corporate services to meet all their communication needs.

Contact

Arduinkaai 29 1000 Brussels

www.belganewsagency.eu