“We know what you did last summer!
Not only what you did, but where you did it, too.
WeÂ can even access your Google account and watch over your life.
Or target you with Ads based on your locations” -Niantic, or Nintendo, or whatever third-party they are collaborating with.
The fuss is just getting bigger and bigger, now that they are officially launching the app worldwide. But, what doesÂ it cost you, to “play the game for free”.
Revealing your Google data
To install this game you have to sign inÂ either with an pokemon.com account or your Google account. If you donâ€™t already have a Pokemon Club account, it would be easier for you to share your Google account with the company behind Pokemon Go (Niantic). At first there was a security hole in this login method, now they say itâ€™s patched, but who knows…
Niantic claims this is a mistake, but if itâ€™s not it can read your emails and monitor your entire digital life.
Revealing your location, everywhere, always
It is an augmented reality game that requires your GPS location and a data connection. So, donâ€™t expect your privacy to be preservedÂ while playing this game.Â What happens to ourÂ data, and how much does Niantic really know about us?
Sharing other information from your phone
Remember the blog post about knowingÂ what you allow your apps to do. Well, you should know what you would allow to this app to do, too.
When you install the app, Niantic will ask to collect information from your phone:
- through your camera -Â augmented reality game
- location -Â needs your location
- storage access - why would they need that?
- Contacts - the game is a single player, why would they need your contacts info???
Be aware that your data is aÂ business asset to them
Yes, you play the game for free, but there must be a catch. Every free service wants something in return. Itâ€™s still too early to tell where theyâ€™ll head up to. It can be a great platform for product placement (from a marketing perspective) or a great ads platform. It wouldnâ€™t be anything new, since we are already used to it.Â But, they will certainly exploit the vast data they now own and profit from it.
What is more, they could influence peopleâ€™s decisions and shape their behaviour: WhenÂ businesses (third parties or other) start leveraging Nianticâ€™s data we could expect people headed to locations that are of marketing and sales interest, thus promoting things people donâ€™t need or donâ€™t even know they exist. So, they can be influenced to spend more money, or even vote for someone, or go to insecure places.
Nianticâ€™s “third-party” partners are not publicly known yet, so who knows who might get to use the data in the future or who gets the data now.
If you donâ€™t want your data to be exploited
You can always remove the app from your phone and revoke the permissions that youâ€™ve granted. Itâ€™s what we advise you to do, because itâ€™s not worth the risk of hacking their servers and revealing all userâ€™s personal information.
And if youâ€™ve decided to say goodbye to your privacy, watch out for malware
Because of the popularity, people everywhere want to have it. But some of them canâ€™t, because itâ€™s not been rolled out globally yet.
So, they go and get the APK from a non-Google Play link, which can easily get them a malicious version of the app. It can make their phones a victim of hackers that can take over the phone data completely.
Itâ€™s not a scare, but a fact that Security researchers at Proofpoint have spotted. They found a malicious version of the PokÃ©mon Go Android app that has been infected with a remote access tool that gives attackers full control over the victimâ€™s phone.
And your offline security
Is it intentional, or not, we donâ€™t know. But, the game sends players to capture virtual Pokemons out to very inappropriate places and locations.
Some of them have found themselves in dark alleys, dangerous neighbourhoods and have been a target of criminals.
So, keep your life safe and be careful when giving yourself to an APP.