Ranking Apps on Privacy

The last thing you want to do when installing a new, free app on your phone is to scroll through pages of information on what kind of access to your personal information it requires. App builders count on this, and their intrusive apps harvest data that they can then sell. That is why University of Groningen computer scientist Fadi Mohsen, together with colleagues from the University of Michigan-Flint (US) and the Palestinian An-Najah National University, has developed an algorithm that ranks similar apps on privacy scores. A description of the system was published in the journal Concurrency and Computation: Practice and Experience on 2 September.

When you are installing an app, it has to tell you which information it will access. ‘However, users don’t pay much attention to this as a rule,’ says Mohsen. ‘They are, generally speaking, the weakest link in privacy protection. That is why we wanted to develop a system to mitigate intrusive apps that reduces the reliance on the attention and understanding of the users.’ Functionality

Mohsen and his colleagues collected data on more than one million apps from the Google Play Store to use them in demo systems and experiments. ‘We rely on features that we extracted from the metadata of these apps and their configuration/manifest files. Additionally, we built a web-based interface to collect the privacy preferences of users.’ Their method is based on scoring applications on these features and on users’ preferences. The score reflects the intrusiveness behaviour of each application relative to other apps in the same category, and is used to rank the applications.

Next, the scientists built a trial search engine to find new apps, which incorporates their methodology. The apps that are shown on the top of the list are the least intrusive. Mohsen: ‘A normal search will rank the apps by their functionality. Our engine compares apps with similar functionalities on their privacy score.’ So the app at the top of the list will respect your privacy the most. Advertising

The ranking algorithm takes two scores into consideration: the score for permission, and that for listeners. The former determines how much access each application is granted on the user’s phone, such as reading SMS messages, use your default calendar and even deleting pictures. The latter gives the apps the ability to keep track of the occurrences on the user’s phone, such as whether the user is present or a new SMS message has arrived. ‘The information that is gathered by these free apps can be sold, for example to companies who produce targeted advertising,’ Mohsen explains. The system that he and his colleagues have devised could help users to avoid the most intrusive apps without having to read all of the privacy information.

The website and search engine were tested by a group of test subjects. ‘The results show that they found the system for setting up their permission preferences easy to use. They also said that they would value it if app stores took their preferences into account when recommending certain apps,’ says Mohsen. This shows that the approach is useful and would be effective in helping users to choose apps that respect their privacy. Google

Ideally, companies like Google could use this system in the search engine for their app store. However, another option is to create a website like the one built for this study, where users can express their preferences on privacy issues and then look for apps via the website’s search engine. Mohsen: ‘Such dedicated websites are quite normal these days, so the approach is viable.’

In the meantime, Mohsen is looking at other privacy issues. ‘We are developing a system that monitors apps after installation. In some cases, updates can require extra permissions from the users.’ In the end, the systems that he creates should give privacy-respecting apps an advantage over the more intrusive ones. ‘Our aim is to help app developers who respect the privacy of their users.’

Fadi Mohsen, Hamed Abdelhaq, Halil Bisgin:
Security-Centric Ranking Algorithm and Two Privacy Scores To Mitigate Intrusive Apps. Concurrency and Computation: Practice and Experience, 2021. doi: 10.1002/cpe.6571

Most Popular Now

Digital Health Webinar

14 September 2021, Webinar. The digital healthcare ecosystem is evolving with rapid speed. Technologies such as AI, robotics, telemedicine, and precision medicine are a mix of challenges and opportunities...

Using AI for Early Detection and Treatme…

Artificial intelligence (AI) will fundamentally change medicine and healthcare: Diagnostic patient data, e.g. from ECG, EEG or X-ray images, can be analyzed with the help of machine learning, so that...

Waiting Times for Medical Admissions Red…

Clinicians at Bolton NHS Foundation Trust have dramatically reduced patient waiting times, decreased hospital length of stay and improved patient safety after developing an electronic acute medical list solution to manage patient referrals.  The configuration was initially set-up to track referrals and admissions...

AI Algorithm Solves Structural Biology C…

Determining the 3D shapes of biological molecules is one of the hardest problems in modern biology and medical discovery. Companies and research institutions often spend millions of dollars to determine...

Novel AI Blood Testing Technology can ID…

A novel artificial intelligence blood testing technology developed by researchers at the Johns Hopkins Kimmel Cancer Center was found to detect over 90% of lung cancers in samples from nearly...

Accenture HealthTech Innovation Challeng…

Accenture (NYSE: ACN) has named eight companies as finalists in the Accenture HealthTech Innovation Challenge, which brings together leading-edge startups with prominent health companies to tackle some of North America's...

Clinerion Patent for Technology Underpin…

The new Clinerion patent underpins any medical EHR database infrastructure that incorporates a hybrid model of cloud-and-local server node installations at individual hospitals, as well as any method for search...

Data MATRIX Introduces an AI-Operated Pa…

Data MATRIX, a sole Real-World Evidence solutions provider in Russia, has presented a predictive analytics tool for estimating patient survival based on Real-World Data. An important feature of the presented tool for...

Researchers Use AI to Predict which COVI…

Researchers at Case Western Reserve University have developed an online tool to help medical staff quickly determine which COVID-19 patients will need help breathing with a ventilator. The tool, developed through...

A Game Changer: Virtual Reality Reduces …

It isn’t a matter of one needle puncture. Many children coming through the doors of Children's Hospital Los Angeles are seen for chronic conditions and often require frequent visits. Painful...

Bittium Expands Its Minority Holdings in…

Bittium Biosignals Ltd, a subsidiary of Bittium Corporation, and British ECG service provider, Technomed Limited, have today signed an agreement under which Bittium will purchase a 25 percent stake in...

Scientists Develop AI to Predict the Suc…

A study in which machine-learning models were trained to assess over 1 million companies has shown that artificial intelligence (AI) can accurately determine whether a startup firm will fail or...