Language

Pokemon Go and IT Security

pokemon go it security

Pokémon Go is the center of the world nowadays. The sudden popularity of the Pokémon  Go app has stunned many analysts around the world. It is apparent that everyone loves the game, but that doesn’t make it free from flaws.

After its initial release in selected countries, the first thing that caught the attention of its users is the security associated with the app.  The security flaws in the initial release swept the whole Internet. It was a security and privacy nightmare that had many people worrying until Niantic took the matter into their own hands.

But there are still many security concerns regarding Pokémon  Go. The app not only affects regular user’s security, but also affect organizations with various degree of functionality. News related to Pokémon  Go and it’s security is almost a daily occurrence.

Let’s understand the implications of Pokémon  Go on IT Security.

1. No app is 100% secure

Let’s start with the most general understanding of security. No app, platform, or system is 100% secure. But that also doesn’t mean you are at risk. It means there is always a way to find loopholes in an app.

Security works by the assumption the app under question is secure to the maximum effect, and it would require great effort to break the app.

Pokémon  Go is no different. It is riddled with bugs and loopholes–the latest being the ability to take a Gym under your control forever. But it is secure enough for players to regularly use the application.

Many hackers create cheats and look for exploits within the game. One such example is goteal from the United States who works on creating cheats for the famous multiplayer shooter game, the Counter Strike Go. Maybe someone else is working on creating a malware for Pokémon  Go? Who knows?

Check out goteal, on how he takes on Counter Strike: GO cheat.

Jpain from London, United Kingdom is developing APIs for Pokémon  Go. Check him out here.

2. Basic Security Issues

With the idea of app security clear, let’s move on to the basic security issues with Pokémon  Go. Even if you think that your app is completely secure, the app still has permission to your camera, location, email, and physical address. The information gathered by the app can be used by 3rd party apps.

With all the four elements combined, security is at risk. Any hacker can take control of your smartphone, risking your security to a great extent. Once the hacker gets into your smartphone through the app, he can literally control everything on your device.

pokemon-go-it-security

Pokemon GO app permission when it was launched. It is now more streamlined and doesn’t have full access to your Google account

3. BYOD Security Nightmare

Pokémon  Go is the new BYOD security nightmare. With Pokémon  Go release, information security is at risk. As we have already discussed in the second point, the app takes control over the key information including email, geolocation, camera, and address. All these information can easily be leaked if the device is hacked by malware or remote access tool (RAT). It was only a matter of time before IDF banned soldiers from playing Pokémon  Go on any military base, citing security reasons. Coming back to the organization’s point of view, strict BYOD rules should be implemented to nullify the security loopholes of Pokémon Go completely.

4. 3rd party installations

The release of Pokémon Go is done in incremental steps. With the hype reaching the sky, many users opted to download installation files from 3rd party websites. However, the 3rd party releases are plagued with malware and other exploits. Anyone who installs the game using 3rd party installation files risks their privacy and security. The only way to protect yourself from the malware or exploits is to wait for the official release of Pokémon Go in your country.

Conclusion

If you are a normal user and keep your mobile device clean, you probably don’t have to worry much. For companies and other organizations, strict rules should be in place, keeping in mind that office is for working and not playing. Strict BYOD rules can ease out the threat Pokémon  Go carries for sensitive areas.

We have already discussed Why Pokémon  Go is so popular. Now, we discussed its impact on security in general. What do you think about security in Pokémon Go? Let us know in the Comments section below.

Avatar
About author

I, Dr. Michael J. Garbade is the co-founder of the Education Ecosystem (aka LiveEdu), ex-Amazon, GE, Rebate Networks, Y-combinator. Python, Django, and DevOps Engineer. Serial Entrepreneur. Experienced in raising venture funding. I speak English and German as mother tongues. I have a Masters in Business Administration and Physics, and a Ph.D. in Venture Capital Financing. Currently, I am the Project Lead on the community project -Nationalcoronalvirus Hotline I write subject matter expert technical and business articles in leading blogs like Opensource.com, Dzone.com, Cybrary, Businessinsider, Entrepreneur.com, TechinAsia, Coindesk, and Cointelegraph. I am a frequent speaker and panelist at tech and blockchain conferences around the globe. I serve as a start-up mentor at Axel Springer Accelerator, NY Edtech Accelerator, Seedstars, and Learnlaunch Accelerator. I love hackathons and often serve as a technical judge on hackathon panels.