Security News > 2020 > January > Ring Doorbell App for Android Sends Out Loads of User Data
The Ring doorbell application for Android contains third-party trackers and sends out a large amount of personally identifiable information, the Electronic Frontier Foundation has discovered.
The Ring app, the EFF says, sends user data to four main analytics and marketing companies, namely branch.io, mixpanel.com, appsflyer.com and facebook.com.
Facebook is alerted when the app is opened, as well as when it is deactivated after the screen is locked, via the Graph API. Furthermore, data is sent to the social platform even if the user does not have an account, the EFF has discovered.
To 'deep' linking platform Branch, Ring sends several unique identifiers, along with the device's local IP address, model, screen resolution, and DPI. Information that big data company AppsFlyer is provided upon app launch includes mobile carrier, Ring installation date, unique identifiers, whether AppsFlyer tracking came preinstalled on the device, installed sensors and current calibration settings.
Business analytics service MixPanel receives the most information: "Users' full names, email addresses, device information such as OS version and model, whether Bluetooth is enabled, and app settings such as the number of locations a user has Ring devices installed in," the EFF explains.