Pre-installed spyware present on 140 million phones

by Dale Wright

Smartphone security experts have picked up a potentially serious security concern with the Carrier IQ app for Android and the iPhone 4.

Carrier IQ is thought to be installed on 140 million smartphones without the knowledge of the people using them.

Apple has stated that it discontinued its use on the iPhone 4S, but it has been found on the iPhone 4 as well as smartphones made by HTC and Samsung. However, the app is not thought to be used in the UK and Europe, and the iPhone version can be disabled.

If present on a device, the Carrier IQ app records everything a user does on their phone and can record their location and the keys they pressed, then transmit it to someone else without the user’s knowledge. Trevor Eckhart, an expert in smartphone security, said that the app could record transactions on secure websites, potentially revealing credit card numbers and opening up the data to hackers.

Carrier IQ tried to silence Mr Eckhart when he first announced his findings but were ordered to back down shortly afterwards. The app has now come under scrutiny by US Senators who believe it could have broken the law in America.

Andrew Coward, head of marketing at the company who made the app, said that it was intended to help technical support staff solve problems and analyse faults with reception and performance. CEO of Infidel, Becky Bace, said that the software should not been seen as a serious threat as the data collected appeared to be anonymous.

However, security analysts say much of the information collected by the app would not be useful for diagnostics, and they are suspicious of the fact that it works in the same way as spyware and cannot be removed easily by the end user. Mr Coward confirmed in November that the contents of text messages could “probably” be read by people who analysed the data.

Are you concerned about Carrier IQ being installed on your phone?