Most apps require users to sign up and provide information about themselves such as age, date of birth, email address and phone number. Users can enter their details manually or they can allow the app to use the data already available on social networks such as Google, Facebook or Twitter. This process is also known as social log-ins and is very common among smartphone users. It saves them from the time-consuming process of manually creating an account and remembering another password.
The incidence of apps trying to spy on users has escalated in the last few years. App developers have been trying to gain access to other apps in new ways without the user’s knowledge. A recent study by Virginia Polytechnic Institute, published in April, found that thousands of apps on the Play store with permission to access sensitive information were sharing them with other apps which were denied permission by the user.
Logging into them through a social media account is like serving them your personal data on a platter. To ensure users’ data is not misused by the app developer, some social media platforms such as Facebook and Google Plus allow users to see which apps have access to your social media account and even allows them to delink the app from the social network whenever they want. To access this in Facebook, go to Menu->Account settings->Apps. In Google Plus, go to Menu->Account->Apps with Google+ Sign in.
Creating a separate password for every app on a smartphone is challenging. Social log-in allows user to log into all their linked apps with a few taps. The only concern here is that if the user’s Google or Facebook account is hacked, the apps which are linked to them will also be compromised as there is no separate password required to log into them. This may not have a major repercussion for fitness apps, for instance, but can be risky in case of online shopping apps or payment wallets.
Similarly, if a third party app where a social log-in was used is infected by malware, it can compromise your data on the social media account as well.
It is wiser to use social log-ins for apps which can be trusted and have a better track record when it comes to security and privacy.