Are there really Pokemon Go security risks?
Noticing some strange behaviour lately? Employees more distracted than usual by their mobiles? Perhaps you’re concerned by roving gangs congregating in parks staring at their phones? Don’t worry! It’s all just a symptom of the latest mobile app-come-mass-hysteria to take hold…Pokemon Go.
Nintendo’s first foray into mobile gaming is an “augmented reality” app that lets you wonder round the real world looking for the titular monsters, which can then be trained for battles with other players. Since it’s release less than a month ago, it has been installed on more phones than Twitter. Naturally, whilst it’s amazing the see an app bring people together in the real world, having users actively roaming around unknown areas with their phones has led to some unforeseen (and some depressingly foreseeable) consequences. So much so, that since release there has seemingly beena flood of alarmed news stories. But are they really a concern? Don’t worry though, because we have hastily put together our handy guide to Pokemon Go security risks…
Ok, so this one isn’t exactly inherent to the app. Muggings, stolen phones and knifepoint threats have all unfortunately been around longer than Pokemon Go. However, walking around areas you don’t know with your shiny expensive phone in front of you always has the potential to put you in dangerous situations. 3 Students in Manchester last weekend found this out to their cost, as they were robbed at knifepoint whilst Pokemon hunting in Hulme park at night. Whilst such tales are alarming, it would be hard to attribute blame to the app. It does underscore however, the importance of still being aware of your surroundings whilst hunting.
More insidiously, it appears that some criminals are actually using the app itself to find targets. One of the main features of the app is the ability to meet other trainers in the real world, and battle them for control of set points called gyms. Reports from Missouri have suggested that a gang of thieves were able to anticipate and lie in wait for victims by waiting at these gyms after dark. A local police spokesperson explained-
“you can add a beacon to a pokestop to lure more players. Apparently they were using the app to locate [people] standing around in the middle of a parking lot…”
Wandering “off the beaten track”
The app encourages players to explore and uncover new territory, with movement tracked via GPS helping hatch eggs. Whilst it is heartening to see how the app nudges people into the great outdoors, it’s always important to remember some of the basic tenets of personal safety. Simple things like “don’t walk off a cliff”, or “don’t get lost in abandoned caves”. We don’t want to put anyone off their explorations, just remember the lessons from the game’s loading screen…
Despite being less suitable to humorous headlines, some security researchers have also raised concerns about the access the app requires from your phone in order to work. When first released, the iOS version of the app required “complete google account access” when installed. They suggested that this allowed it full access to everything from your gmail inboxes, to google+ pages and drive documents. If exploited, this could let malicious hackers wreak havoc on your personal data. Since the story broke however, the app’s developer Niantec have clarified that this was requested in error, and the most recent version of the app only uses the account ID and gmail address. It still poses as a timely reminder however, of how much access we routinely sign away to apps without a second thought.
Bulk Collection Data Scraping Conspiracy
What? Oh, nothing- just the theory that Niantec’s founder was originally tied to a company that developed software for the CIA, thereby proving that the app is actually a nefarious governmental plot to have us all unwittingly send spy photos to the…er…men in black, or something. It’s a theory from a Reddit thread, so it must be true.
If you are concerned that your child is putting themself at risk when using the app, then the NSPCC have this fantastic FAQ and guide to using it safely