Hundreds Of Android Apps Silently Track Users With Ultrasounds

Researchers from the Brunswick Technical University in Germany discovered that many Android applications have used ultrasonic beacons to track users without their knowledge.

Ultrasonic Tracking

Over the past few years, advertisers have started taking advantage of a technology called ultrasound cross-device tracking (uXDT) to track mobile users and build extensive profiles on them.

The Brunswick Technical University researchers initially found that only six applications tracked users with this technology in April 2015. By December, the same year, the number of applications that supported uXDT grew to 39. In a recent investigation, the researchers found 234 Android applications tracked users with uXDT. They also found that four out of 35 retail stores in two cities use the same technology to track their customers.

How uXDT Works

The way uXDT works is that advertisers embed ultrasounds in the ads they play on TV or radio in the 18-20kHZ frequency range, and then smartphones or PCs with microphones pick up those sounds. This will tell the advertisers what kind of ads people are watching on TV, what type of phones they use, their location, and other advertising-relevant type of information such as user behavior.

According to the researchers, the ultrasonic tracking can also be used to de-anonymize Tor users. The devices the Tor users own could give them away when some of the apps they install contain code that can intercept ultrasounds with the phone’s microphone.

Right now, the ultrasonic tracking isn’t as dangerous as it could be for user privacy, because you still have to open the apps that contain this listening code for the tracking to work.

You also need to accept the RECORD_AUDIO permission in the apps that use ultrasonic tracking code. However, many users don’t typically pay attention to which permissions they allow when they install an app, or they may believe other important features within the app require the audio recording permission to be enabled.

If this becomes a common way for advertisers to track users, many more apps, as well as popular apps with tens of millions of users, could end up using the same technology. This could make avoiding ultrasonic tracking much harder to avoid in the future, especially if platform vendors such as Google don’t impose restrictions on this type of tracking.

This thread is closed for comments
    Your comment
  • David_713
    A list of apps would be helpful!
  • David_713
    The Brunswick Technical University link is dead.
  • toadhammer
    If you read the source research paper, it's clear they don't have a list of confirmed apps, just what their machine learning guessed might be doing it. If you search 'SilverPush', you'll see they claim '67 apps' were using their code and the FTC says they 'warned 12 unidentified Android app developers.' No one's willing to disclose actual apps due to the toxic privacy issues.

    Lucian, if you're granting microphone permissions to your apps, location tracking may be the least invasive privacy problem you have since it can record anything it hears, not just audio beacons.