Your Signal, Their Data: An Empirical Privacy Analysis of Wireless-scanning SDKs in Android
- URL: http://arxiv.org/abs/2503.15238v1
- Date: Wed, 19 Mar 2025 14:15:02 GMT
- Authors: Aniketh Girish, Joel Reardon, Juan Tapiador, Srdjan Matic, Narseo Vallina-Rodriguez
- Abstract summary: Mobile apps frequently use Bluetooth Low Energy (BLE) and WiFi scanning permissions to discover nearby devices. Wireless interfaces also serve as a covert proxy for geolocation data, enabling continuous user tracking and profiling. We conduct the first systematic analysis of 52 wireless-scanning SDKs, revealing their data collection practices and privacy risks.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Mobile apps frequently use Bluetooth Low Energy (BLE) and WiFi scanning permissions to discover nearby devices like peripherals and connect to WiFi Access Points (APs). However, wireless interfaces also serve as a covert proxy for geolocation data, enabling continuous user tracking and profiling. This includes technologies like BLE beacons, which are BLE devices broadcasting unique identifiers to determine devices' indoor physical locations; such beacons are easily found in shopping centres. Despite the widespread use of wireless scanning APIs and their potential for privacy abuse, the interplay between commercial mobile SDKs with wireless sensing and beaconing technologies remains largely unexplored. In this work, we conduct the first systematic analysis of 52 wireless-scanning SDKs, revealing their data collection practices and privacy risks. We develop a comprehensive analysis pipeline that enables us to detect beacon scanning capabilities, inject wireless events to trigger app behaviors, and monitor runtime execution on instrumented devices. Our findings show that 86% of apps integrating these SDKs collect at least one sensitive data type, including device and user identifiers such as AAID, email, along with GPS coordinates, WiFi and Bluetooth scan results. We uncover widespread SDK-to-SDK data sharing and evidence of ID bridging, where persistent and resettable identifiers are shared and synchronized within SDKs embedded in applications to potentially construct detailed mobility profiles, compromising user anonymity and enabling long-term tracking. We provide evidence of key actors engaging in these practices and conclude by proposing mitigation strategies such as stronger SDK sandboxing, stricter enforcement of platform policies, and improved transparency mechanisms to limit unauthorized tracking.
Related papers
- Privacy-Preserving Secure Neighbor Discovery for Wireless Networks [0.0]
Traditional Neighbor Discovery (ND) and Secure Neighbor Discovery (SND) are key elements for network functionality.
We present a novel Privacy-Preserving Secure Neighbor Discovery (PP-SND) protocol, enabling devices to perform SND without revealing their actual identities and locations.
arXiv Detail & Related papers (2025-03-28T08:27:47Z)
- What If We Had Used a Different App? Reliable Counterfactual KPI Analysis in Wireless Systems [52.499838151272016]
This paper addresses the problem of estimating the values of traffic that would have been obtained if a different app had been implemented by the RAN.
We propose a conformal-prediction-based counterfactual analysis method for wireless systems.
arXiv Detail & Related papers (2024-09-30T18:47:26Z)
- Cross-domain Learning Framework for Tracking Users in RIS-aided Multi-band ISAC Systems with Sparse Labeled Data [55.70071704247794]
Integrated sensing and communications (ISAC) is pivotal for 6G communications and is boosted by the rapid development of reconfigurable intelligent surfaces (RISs).
This paper proposes the X2Track framework, where we model the tracking function by a hierarchical architecture, jointly utilizing multi-modal CSI indicators across multiple bands, and optimize it in a cross-domain manner.
Under X2Track, we design an efficient deep learning algorithm to minimize tracking errors, based on transformer neural networks and adversarial learning techniques.
arXiv Detail & Related papers (2024-05-10T08:04:27Z)
- Cybersecurity Assessment of the Polar Bluetooth Low Energy Heart-rate Sensor [0.0]
Bluetooth low energy (BLE) is a low-power protocol widely used in wireless personal area networks (WPANs).
This paper analyzes the security vulnerabilities of a BLE heart-rate sensor.
Case-study shows that an attacker can easily intercept and manipulate the data transmitted between the mobile app and the BLE device.
arXiv Detail & Related papers (2024-04-24T18:18:09Z)
- DensePose From WiFi [86.61881052177228]
We develop a deep neural network that maps the phase and amplitude of WiFi signals to UV coordinates within 24 human regions.
Our model can estimate the dense pose of multiple subjects, with comparable performance to image-based approaches.
arXiv Detail & Related papers (2022-12-31T16:48:43Z)
- A Wireless-Vision Dataset for Privacy Preserving Human Activity Recognition [53.41825941088989]
A new WiFi-based and video-based neural network (WiNN) is proposed to improve the robustness of activity recognition.
Our results show that WiVi data set satisfies the primary demand and all three branches in the proposed pipeline keep more than 80% of activity recognition accuracy.
arXiv Detail & Related papers (2022-05-24T10:49:11Z)
- Immediate Proximity Detection Using Wi-Fi-Enabled Smartphones [1.3706331473063877]
We present a new class of methods for detecting whether or not two Wi-Fi-enabled devices are in immediate physical proximity.
Our goal is to enhance the accuracy of smartphone-based exposure notification and contact tracing systems.
arXiv Detail & Related papers (2021-06-05T02:17:01Z)
- SonicPACT: An Ultrasonic Ranging Method for the Private Automated Contact Tracing (PACT) Protocol [5.551038132998202]
This paper describes the design and implementation of the SonicPACT protocol to use near-ultrasonic signals on commodity iOS and Android smartphones.
Our initial experimental results are promising, suggesting that SonicPACT should be considered for implementation by Apple and Google.
arXiv Detail & Related papers (2020-12-08T22:33:39Z)
- An Empirical Evaluation of Bluetooth-based Decentralized Contact Tracing in Crowds [7.469941131704084]
This study empirically investigates the effectiveness of Bluetooth-based contact tracing in crowd environments with a total of 80 participants.
Results confirm that Bluetooth RSSI is unreliable for detecting proximity, and that this inaccuracy worsens in environments that are especially crowded.
We recommend that existing contact-tracing apps can be re-purposed to focus on coarse-grained proximity detection.
arXiv Detail & Related papers (2020-11-09T10:44:03Z)
- The Dark (and Bright) Side of IoT: Attacks and Countermeasures for Identifying Smart Home Devices and Services [4.568911586155096]
We build up a model describing the traffic patterns characterizing three popular IoT smart home devices.
We prove that it is possible to detect and identify with overwhelming probability their presence and the services running by the aforementioned devices.
arXiv Detail & Related papers (2020-09-16T13:28:59Z)
- Vision Meets Wireless Positioning: Effective Person Re-identification with Recurrent Context Propagation [120.18969251405485]
Existing person re-identification methods rely on the visual sensor to capture the pedestrians.
Mobile phone can be sensed by WiFi and cellular networks in the form of a wireless positioning signal.
We propose a novel recurrent context propagation module that enables information to propagate between visual data and wireless positioning data.
arXiv Detail & Related papers (2020-08-10T14:19:15Z)
- Mind the GAP: Security & Privacy Risks of Contact Tracing Apps [75.7995398006171]
Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contact tracing apps using Bluetooth Low Energy.
We demonstrate that in real-world scenarios the GAP design is vulnerable to (i) profiling and possibly de-anonymizing persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts.
arXiv Detail & Related papers (2020-06-10T16:05:05Z)
- Decentralized Privacy-Preserving Proximity Tracing [50.27258414960402]
DP3T provides a technological foundation to help slow the spread of SARS-CoV-2.
System aims to minimise privacy and security risks for individuals and communities.
arXiv Detail & Related papers (2020-05-25T12:32:02Z)
This list is automatically generated from the titles and abstracts of the papers in this site.