When applications request access to personal information, users accept it and trust that they will use the data they collect in a way safe. It is very important, however, to consider whether they trust Android VPN applications, which "clean" the device from unwanted data. The last thing you expect from an application that protects its identity is itself to leak its sensitive information.
As shown in a study examining the licenses that require 81 Android VPN applications, which are available in Google Play Store, have access to the device data on a much wider scale than the user accepts.
The same team of investigators discovered that many suspected requests could jeopardize sensitive user data. From the applications studied, 31 was safe as they did not ask for "dangerous permits" by the user but 50 others were considered unsafe as they called for at least one "dangerous license", while other 8s were considered extremely unsafe as they asked for four or more "dangerous permits".
What is not surprising is that mostly free apps require access to sensitive data. The same phenomenon is not observed with premiums and so it makes them safer for users.
Of course, it should be mentioned that the study does not indicate why these Android VPN applications require access to these sensitive data, nor how they use them. Even if these claims are innocent, it is dangerous for the user to accept them because the more data points are accessible, the more easily they can be stolen or leaked.
How to control what your apps have accessed
To see what you have given access on your mobile apps:
- Tap and hold on the app icon or go to your mobile settings and select app manager
- Click the "empty" option to see what this application has
It is worth mentioning that the changes to licensing the application can make it non functional.