Popular Android web browser, UC Browser, has been accused of leaking personal data of users. A security group investigated into the mobile browser and found that it was sending user data unencrypted, or with not enough encryption. UC Browser currently has more than 500 million registered users and is the most popular web browser in China and India. Also Read - Jack Ma's Alibaba fined record $2.7B by China
The Citizen Lab at the University of Toronto’s Munk School of Global Affairs conducted this investigation, and found out that unencrypted data included phone numbers, device serial numbers, apart from user search queries and geo-location data. Also Read - Ant Group ordered by China to reexamine its fintech businesses and return to its roots as a payments service
This lack of encryption exposes information like user’s phone number, device number and location of the person to unethical hackers. “The transmission of this information “represents a privacy risk for users because it allows anyone with access to the data traffic to identify users and their devices, and collect their private search data,” the report said. Also Read - India bans 43 more Chinese apps over security concerns
The security firm said that the privacy risk is that any personal data leaked through UC Browser could be used by governments or other third parties. UC Browser is owned by Chinese e-commerce giant Alibaba.
Shortly after the news was out, Alibaba issued a statement saying that the issue has been fixed and all users need to do is download a version update. “We have no evidence that any user information has been taken,” the company spokesperson told Reuters.
UC Browser claims to have 100 million daily active users globally, and has been speedily expanding across regions. The parent company was founded in 2004, and was acquired by Alibaba just last year. UC Browser is now available on more than 3,000 different smartphones from over 200 manufacturers.