Joke Collection Website - Public benefit messages - Why do many apps check our address book and call records now?

Why do many apps check our address book and call records now?

In the past, the installation of various apps did not require much permission. Now even if it is a simple APP, we will find that it has many permissions to apply for when installing. Why is this? I am a worker in the technology and software industries, so I know this piece better. Now I'll tell you some reasons:

1. Collect mobile phone number resources:

In fact, many times, when the APP is installed, it will prompt the address book permission. This permission may have nothing to do with its own function, but the APP service provider helps the follow-up marketing in order to collect customer information.

2. Risk control requirements:

In fact, many apps involve risk control, such as financial apps and microfinance apps. They need to read your address book for risk control so as to contact you or your family and friends when necessary.

So we often see on the Internet that many young people have experienced peer-to-peer lending and then been bombed by telephone. We understand this truth, but it can be avoided. For example, when installing such an APP, it is strictly forbidden to read the address book permissions through the mobile phone or make a fake address book.

3. The real name registration system requires:

With the requirements of the Ministry of Industry and Information Technology for the real-name registration system of fixed-line and mobile phones, the mobile phone number has achieved a comprehensive real-name registration system. Unlike in the past, you can buy a temporary mobile phone number without a real name on the street, but now it doesn't work.

Since the mobile phone number comes from the real-name registration system, some apps can realize the real-name authentication process by binding the user's mobile phone number, which is more convenient for users. According to the current trend, the future mobile phone number may prove a person's identity.

To sum up, the main reasons why various apps want to read the address book now are: collecting information+real name registration system requirements. In order to avoid the disclosure of our information, we suggest that you refuse this permission application when installing the app. Of course, some apps can't even run normally if they can't read the address book permissions. For such applications, if necessary, you can open the address book permission.

There was an answer before that the APP checked our address book and call records because of the requirements of risk control and real-name registration system. I'm sorry, I don't recognize this reason. In order to control risks, the online loan/microfinance company requires the lender to provide identity documents. I have to brush my face and check my contact number. How to check communication records and call records afterwards to control risks? Really so powerful, the network water army has long been wiped out.

The real reason is that APP developers use address books and call records to collect personal privacy information, and the information of countless people is merged into big data, and then developers use these big data to complete marketing promotion. This is bonus hunter.

So, how do APP developers use big data marketing?

First, we need to collect user information. APP collects information by looking at our address book and phone records: the address book records our social information (including friends, relatives, colleagues, etc.). ), and the call record can reflect the call frequency and geographical information, so as to analyze important personal privacy information such as social preferences and hobbies, and then push corresponding advertisements according to these information.

For a simple example, there are take-away calls in your communication records, six times a month (a daily number is listed for convenience of explanation) and take-away phone records for four or five months in a row. Then your personal portrait is like food, and you like to solve it by taking out food. After analyzing this information, APP developers can send you take-away advertisements through the APP and start marketing.

In fact, APP developers also have simple and rude marketing promotion methods. After checking your address book, they will tell other contacts in your address book by synchronizing the address book: "Your friend XX is using XXAPP" and induce them to download the APP through SMS.

In short, in addition to some apps asking users for the necessary permissions for normal functions (takeaway apps and map apps must ask for location permissions, and beauty apps must ask for camera permissions, otherwise they cannot use normal functions), some apps ask users for too many permissions, which is a malicious violation of privacy for marketing.

This kind of APP, if it is not a communication class, must also allow access to contacts in the address book. , then most of them are rogue software!

Generally speaking, regular apps only suggest opening the address book. These apps won't have much impact on us. They just help you find other friends who are also using this software according to your address book, or recommend it to others in your address book. We can choose not to open this permission, which has little effect on the normal use of the software. If you need to open it later, you can also open it yourself manually.

In addition to regular apps, other rogue software will not only require the opening of address books and call records, but some will even require the opening of geographical location, allowing the deletion of call records, reading short messages and so on. If it is not allowed, the software will not be used all the time. At this time, I suggest you delete this software directly, otherwise you will be exposed in this APP like "streaking".

For example, Baidu map will also require to open the geographical location permission, but you can enter the software without opening it. The big deal is that you can't get the current position and navigate. You can view the route after manually entering the location. In this era of big data, many apps are making money by collecting users' personal information. If malicious apps are allowed to view the address book, they are likely to find your family and friends according to your call records and address book, and then bundle these phone numbers for sale.

When downloading the APP, you'd better choose a regular app store or official website. Before downloading, check whether the software has excessive permission requirements, download times and advertisements. It is not that the software in the app store must be very safe and formal, and everything is not absolute. As long as they open your mobile phone permissions, there are no viruses and no bundled plug-ins, they can sell them.

For more high-quality content, please continue to pay attention to magnesium guest network ~ ~

I am an APP developer myself, so I know a lot.

At present, you can know that many apps need to check your address book and call records, which is a good thing in itself.

Android mobile phone

In the past, Android phones wanted to access your phone memory, address book and call records, and you had no idea!

Why do you say that?

In the past, the Android mobile phone system was not so perfect, but there were already many users.

After the demand increased, not only a large number of APP developers were born, but also some people had bad ideas.

At that time, you couldn't uninstall any rogue software after you installed it.

There are also many rogue apps that hijack app pages.

Perfect system

Now after years of development, Android phones have become more and more perfect.

Now, if you want to access the privacy of your mobile phone, you must get permission.

To get the data, you must get the authorization of the user before you can get the data!

What are address books and phone records used for?

Different apps of different companies will access different permissions.

Among them, many people have access to the address book.

So what is the purpose of obtaining this permission?

One is to better promote products. With the address book, we can compare the people in the phone, unregistered and registered.

Those who are not registered can be invited, and those who are registered can interact to increase user stickiness.

The other is the financial APP. They get the address book and phone records for risk control.

For example, the loan APP needs to obtain the address book information of your mobile phone to record your contacts, so as to facilitate the collection of accounts in the future.

Can I use my new mobile phone?

Yes, but the risk control departments of these companies will consider whether to lend you money if they can't find the address book information.

In the same way, so is the call record!

Of course, whether to authorize the corresponding APP needs to be grasped by yourself. If you believe in this application, then authorize it. If you don't believe it, then don't authorize it, don't use it!

For example, with Notepad APP, you need to access your camera and store permissions.

But you just want to use it as a notepad. At this time, if you think it is unnecessary, you will not authorize it.

You can't use it without authorization. Get rid of this rogue software and change it!

Now most Android apps will read your contact, location and other permissions.

Although Android can prohibit these applications from reading key permissions, some applications can't start without opening relevant permissions, which is very troublesome. So what is the use of these applications to obtain these permissions? At present, the permissions commonly used in applications are as follows:

I. Contact person

This is the most common, almost all Android apps will read the contacts in your address book. Functionally speaking, reading contacts can determine whether any of your relatives and friends use the same application. For example, if there is a "mobile phone contact" in WeChat's "Add Friends", you need the permission to use the mobile phone address book. With this permission, you can see who is also using WeChat in your address book, which is convenient for adding friends.

Of course, the address book is a sensitive permission, and the normal application can be used normally if it is not given this permission, but the function of finding friends like the address book cannot be opened.

Second, location.

Almost all mobile apps will ask about your location, because only by knowing your location can you determine where you are from and what kind of life service you need. Such as weather, take-away, taxi, local news and other functions. Can't work normally without location permission. If you turn off the location permission of WeChat, it will refuse to start.

In addition, some key functions of the mobile phone may need a brand-new location. For example, Apple's "Find My iPhone" is achieved through location. If the location function is turned off, the location of the mobile phone cannot be located, and the mobile phone cannot be recovered if it is lost.

Third, read and send short messages

The permissions related to SMS are more sensitive, because SMS contains a lot of private content, such as bank account number, verification code and even password. If this key information is leaked, the consequences will be unimaginable.

If the application is given the right to send short messages, some nonstandard applications may secretly send short messages subscribing to paid services in the background, such as color ring tones and virtual props of games. You can even absorb users' phone bills unconsciously. Therefore, in general, applications should be prohibited from reading and sending short messages.

Of course, there is another advantage of letting the application read the short message, that is, when accepting the verification code, the application can automatically read the content in the verification code, which saves the user the trouble of manually filling in the verification code. This function is more convenient in mobile payment and other occasions that need verification code.

Fourth, the mobile phone identification code.

This permission will be used in almost all applications, and the mobile phone identification code can help the application determine what type of mobile phone you are using, which is basically useless to users. But it is very helpful for application developers. It can help application developers count the models of mobile phones that use the application, and sometimes it can develop special functions for some popular mobile phones.

For example, Apple phones after iPhone 6s are equipped with pressure-sensitive screens, and some applications can design shortcut menus for this screen to judge according to the mobile phone identification code. If it is a mobile phone after iPhone 6s, you can turn on the pressure sensitive screen.

Verb (abbreviation for verb) camera

Many users feel that the camera function is very sensitive, and they are worried that the privacy will be leaked after the application has the camera permission. But now many applications have the function of scanning. If you don't give it a camera license, the scanning will not work properly. Of course, if an application doesn't have any code scanning function, but needs camera permission, you need to pay attention at this time.

Six, read and write storage space

This should be a relatively basic right, because if you can't read and write storage space, applications can't add content to your phone, such as downloading and saving pictures and videos. The game may have to be updated by writing to the storage space. Almost all applications will use the permission to read and write storage space.

At present, when installing the mobile app, they will ask the corresponding functions on the user's mobile phone, such as reading the address book and call records, locating the location of the mobile phone, using the camera and so on. Some apps require permissions that have nothing to do with their main functions. The mobile APP excessively requests the user's mobile phone information, which can be divided into three categories: one is to apply for permission to obtain the user's private information for backup, but it is not uploaded to its company server; The second is to apply for permission to obtain the user's private information, and then upload the user's private information to its company; The third situation is the abuse of user privacy that has been uploaded to the company, including the user's address book, call records and location and other private information.

After the popularity of smart phones, mobile apps seek more and more permissions. At present, a mobile APP can only be more valuable and win the favor of venture capital if it has social functions and can do secondary marketing. "For example, this flashlight APP, after obtaining the user's positioning information, can push the advertisements of businesses around the owner's location. With the help of user positioning information, enlarge the commercial value of this APP. "

Nowadays, many people are used to using taxi software on their mobile phones, and carpooling is also very popular among urban white-collar workers. There is a carpooling mobile APP in China, which requires users to read the address book in the mobile phone when installing. However, carpooling publicly provided the downloaded version last year, secretly uploaded the user's address book to our company, and even uploaded the user's mobile phone number in plain text, without encryption. Anyone who has the ability to intercept this information can see the user's address book uploaded by the mobile APP, just like reading a Word document.

Another mobile APP will upload the SMS content in the user's mobile phone to our company, and only do simple coding when uploading. Technicians said that the biggest security risk of genuine software uploading mobile phone users' private information in plain text lies in man-in-the-middle attacks. For example, after a mobile phone user connects to an unsafe WiFi, criminals intercept the communication between the mobile phone and WiFi, and these personal privacy data transmitted in plain text will be directly and illegally obtained.

abstract

Nowadays, many mobile phone applications need all kinds of permissions, among which contact, SMS, location and mobile phone identification code are the most common, on the one hand, because these permissions are indeed the most commonly used. On the other hand, many software companies are also using sensitive data such as mobile phones, and then judging user preferences through "big data" and "cloud computing" and pushing relevant advertising content.

For example, after searching the information of a 3C product in the mobile browser, and then opening the application of a company or a treasure, there is a great chance for users to see the advertisements of relevant 3C products. This is because the shopping application reads the user's browser search records, and then automatically judges that the user has a demand for these goods, thus starting to push relevant advertisements in a targeted manner.

Although these functions will make people feel that their privacy is being spied, they are actually helpful to people's daily lives. However, it must be noted that when installing some applications of unknown origin, we must pay attention to avoid opening key permissions, such as reading and sending short messages and reading photo albums. At present, the system of domestic mobile phones is also very user-friendly, and there will be a pop-up prompt when applying for key permissions, which will protect the privacy of users as much as possible.

Calling our address book information through mobile APP can be divided into two situations:

Then, let's take a look at why the APP calls the address book information and how to avoid the disclosure of personal information.

Why should the mobile phone software APP check our address book?

First of all, talk about benign calls. Most people who need to call the address book are social software. For example, WeChat, QQ, Feichat and other software, calling the information in our address book will help the software to quickly help us establish social circles and let users flexibly choose whether to add friends to the address book. At the same time, through the binding of user relationship, the stickiness of users using software can be enhanced and the loss of users can be avoided.

Secondly, let's talk about malignant calls. There are two situations. One kind of software will ask you whether to authorize access when installing, and the other kind of software will secretly steal your related information in the background. Such a call is not required by the software function, but in order to obtain personal data, Asamura sells personal data to obtain illegal profits.

How to put an end to malicious calling of mobile phone software

Apple's iOS system is relatively good, as long as the software is installed, it needs to be downloaded and used through Apple Mall (however, Apple's mobile phone comes with many backdoor programs, which are not recommended for information security reasons). The more serious problem is the Android phone. The software installation of Android phone is too flexible to determine whether there is malicious software in the randomly installed program. It is recommended that you use the built-in software market of mobile phone manufacturers to download. After all, all uploaded software has been checked by the manufacturer for the first time. In addition, for Emerson's software, when the address book information needs to be called during installation, you can choose not to allow it, and release it when the software specifically uses the address book information.

For some unfamiliar websites, please try not to fill in your personal information. For example, some websites that use mobile phone numbers to tell fortune, and websites that enter names, etc. But as everyone knows, personal information is quietly leaked out.

I don't know if you have been harassed by phone calls because of the disclosure of personal information. How did you deal with it in the end?

Nowadays, mobile phone applications require higher and higher user rights, and their reason is to make the software run better. In fact, I suggest that when you are prompted to ask the address book permission after the installation software is opened, try to cancel it and don't give the address book permission. According to the nature of the software, other permissions can be given to the software to ensure the integrity of the software function.

In recent years, it has been better. Because of the continuous upgrading of the mobile phone system, the user relationship has been strengthened, so the software has a prompt asking for permission. In the early days, there was no hint. When we open the software, we get the permissions it wants by default.

Now many people's information is stored in mobile phones, and the address book is also the most valuable information. Therefore, many softwares will ask for some necessary permissions and address book permissions after starting. In this case, it is completely unnecessary and does not affect the use.

Take Alipay as an example. This is an APP owned by Alibaba. Whether it is a sense of security or trust, there must be problems. But I won't give it address book permission, it's still normal to use. Although every time I pay for my mobile phone through Alipay, I will be prompted to open the address book permission, but every time I manually enter it myself, there will be no use problems.

Imagine, you will find that even software like Alipay can run well without giving it address book permission. What's the use of other functional applications (such as camera and weather) to give it address book permissions?

Now that the environment is good, there are relatively few rogue software. However, some softwares don't use the address book at all, and still ask the user about the address book permission. In fact, it is also for marketing promotion. Here, I want to remind everyone that for financial apps, you must not give them address book permissions. Otherwise, they will send all kinds of junk advertisements to you or people on your mailing list by analyzing your address book and information.

In fact, if you pay attention, you will find that most apps don't need address book information during use, but you will ask for this permission when you first open it. From the user's point of view, you may have nothing to lose, but you don't know it, but from the developer's point of view, they have obtained a batch of "mobile phone numbers" and SMS "information" for their analysis. For bad developers, they may do something with ulterior motives.

Therefore, my advice to you is that when we first open the newly installed software, whatever it is, don't give it address book permission. If you find that the software really needs this permission to run normally in subsequent use, you can decide whether to give it permission according to your needs. This can protect our communication information from being leaked.

I am a programmer who loves programming. I have been engaged in Internet software development for many years. Let me answer this question.

I think some mobile apps will require corresponding permissions when they are running. We should judge whether the app should get permission according to its nature and function.

Access to mobile phone address book

Under normal circumstances, apps with social nature will require access to mobile phone address books, such as qq, WeChat, fly chat and so on. Its purpose is to recommend your potential friends to us according to the mobile phone number in your address book. We can also choose not to open it, the app can still be used normally, and then open it manually in the software settings.

Access the location of the mobile phone.

Mobile phone positioning is also very important to us. Generally, apps with navigation attributes will require access to mobile phone location rights, such as various maps, US groups, various express delivery, and so on. Its purpose is to locate our position and provide us with some services around us. Similarly, we can choose not to open it, and then open it in the software settings.

Get call records

To be honest, this permission has not been encountered in the app I use. It is estimated that those auxiliary dialing software and auxiliary SMS software, such as 5 1 total recall, will be used. I think phone records and text messages are too private, so it is not recommended to open the access rights of phone records and text messages to any software.

Therefore, it is necessary to judge whether it is necessary to provide corresponding permissions to the software according to the purpose of the software. If we don't give the application permission, we can't use it. This must be rogue software, and we must stay away from it.

Very simple, what people want is your data, your relationship chain, promotion and secondary marketing, so as to get more users or benefits!

After reading the address book, the APP can know which contacts your current user has and what kind of relationship chain it is. At the same time, through the analysis and statistics of the big data in the background, you can conduct targeted harassment marketing for people in your address book. The easiest way is probably to send a text message.

Let me give you an example here. I often received text messages before, which read: xx, XXX is looking forward to you! Ta sends you an invitation, hoping to add you as the most important workplace contact and so on.

As soon as I saw it, this so-and-so was my former colleague, and my first reaction was to click the link in the short message. You see, the marketing method of pulse is ok! In fact, this means that after reading the other party's address book, the system automatically sends it according to the mobile phone number in the address book, thus inducing you to install his APP. Because the contacts in the address book are basically related to you, people who know you and use this relationship for marketing will naturally reduce people's vigilance and be easy to take the bait. In this way, the pulse is simple and rude, and it can be more accurate and concealed.

Then do you know why there are so many fraudulent phone calls and spam messages now? To a large extent, we hand over our own information, and then people's APP manufacturers carry out secondary development. Better manufacturers use it for their own use, hand over your information disgusting, and then our information will be fully utilized in the black industry chain.

Now our mobile phone number carries too much content. Many service accounts are registered directly with mobile phone numbers. Although it is easy to register, your account security is even worse. APP reads the address book, and all this information is available. Therefore, for the APP that inexplicably wants our address book, we should say no, instead of opening this permission at will, stop at the first time, and it will be too late to wait for the subsequent ban.

Thank you for reading, give me a compliment and encouragement, welcome to pay attention to Roche Insect Society, thank you!

As a product manager, I often encounter the problem of what permissions I need to get from the user's device, including the address book.

First of all, let's talk about getting some kind of permission for the equipment. This is a right management behavior that Android and iOS systems do to protect users. When an app obtains the corresponding permissions, it must go through the user's consent, otherwise it can't get the corresponding information, so it has the pop-up tips that we often see as users. Installing a new app will prompt you to obtain certain permissions.

Besides, why take the address book? This is mainly based on our address book, that is, the mobile phone number, to match the users in the product. The usage scenario depends on who your contact friends are, which address book friends you can invite to become new users, and so on. , mainly based on the needs of a product function. However, sometimes the app does ask for permission too much. If you feel that you don't want to pay these permissions, you can refuse them, but you can't use the corresponding functions.

The final decision is still in the hands of users.