From the last week, Pokemon Go has occupied the digital world as a shockingly popular amplified reality mobile game. It has already outshined the well-liked Tinder, which is a dating app, in terms of downloads and giving hard competition to Twitter in every day active users.
It’s the most recent addition to the sequence of long running games released by Nintendo. It’s developed by a former internal Google startup called Niantic and most of the people in America are playing it.
But there’s other side of the coin that public is choosing to pay no heed to. Security experts have informed that the Pokemon Go players are divulging themselves to security threats by signing up using Google.
These risks have been drawn round by the security researcher Adam Reeve who was “stunned” when he came up to know that Pokemon Go has total access to your Google account. To engage in recreation, one needs to sign in by visiting pokemon.com website or using services by Google. Looks like pokemon.com website is declining to accept new sign-ups at the moment, so people are just using their Google account to sign up.
Immediately when you hit the Google connect button, you are logged in. But, you are never shown a memorandum regarding what data this application is going to access. Here’s what it means when the game Pokemon Go has full access to your account:
- Pokemon Go can modify and see all information in your Google account
- Such liberties should be given to fully reliable applications only
As a consequence, now Niantic and Nintendo can send and read emails on your behalf, modify and access your Google Drive credentials, access your location and search history, and a much more.
As the best security assess, when a developer integrate the “Sign in with Google” functionality in an application, he/she states the permissions that are being granted. Typically, an application only uses your Google account for undemanding contact information.
Nevertheless the makers of the game, Nintendo may not be planning to conduct a gigantic data theft; such permission levels are dangerous in the times of regular security breaches. The disclosed data often ends up on file sharing websites which is used by hackers to access accounts. However, Google and Nintendo have announced that they are going to fix this issue soon.