at 3:57 PM

Chinese ad network found in 1,200 iOS apps has major privacy concerns

As Apple becomes ever more privacy focused, it is important to remember that third party apps and services do not need to follow. Mintegral, an advertising network based in China, is under scrutiny based on a claim that it has been tracking users and committing advertisement fraud since July of 2019.

Danny Grander, the Co-Founder & Chief Security Officer of the Snyk digital security company, discussed his findings with John Koetsier on his TechFirst podcast. In it, he described the following apps as being included in the over 1,200 that utilize Mintegral for advertising:

• Asphalt • Helix Jump • PicsArt • Talking Tom • Subway Surfers

According to Grander, these apps that utilize Mintegral's services average 300 million downloads monthly. In order to facilitate the ad fraud that Grander accuses Mintegral of, the ad network "hijacks" legitimate ads from other networks and attributes any potential click by the user as its own instead. This type of fraud is committed by the network over 20% of the time, and is the first of its kind seen on iOS apps.

Additionally, Mintegral can use the injected ads to track all of a user's http traffic and https-based requests and responses, as well as leak out the URL and headers of those pages. This can be used for tracking what a user clicks on and where that user ended up going.

Snyk has relayed information about Mintegral to Apple, who as of yet has not disclosed a public statement concerning the ad network's activities. Mintegral has released a statement rejecting the claims that includes the following:

"Today, we learned that allegations have been made suspecting that our SDK and advertising practices commit fraud and invade privacy. We would like to assure our clients and partners that these allegations are not true. We are taking this matter very seriously and are conducting a thorough analysis of these allegations and where they are coming from. We have and will continue to uphold the highest standards of data privacy for users and our customers."

"...in conjunction with Apple's upcoming iOS14 updates, we had already planned to deprecate this functionality in the SDK anyway."

Further coverage: John Koetsier's blog Forbes

by Ian Dorfman

Did you find this interesting?

Yes

Comments

No comments so far, maybe you want to be first?

Helix Jump on AlternativeTo

Helix Jump

Freemium • Proprietary
Android
iPhone
Android Tablet
iPad

Exciting adventure of the bouncing ball through the helix tower labyrinth.One-tap easy-to-learn controls, rich visual effects and addictive gameplay mechanics.