Personal data has become one of the most valuable commodities in the digital age, and marketers will do almost anything to get hold of it. By tracking what you do online, where you go and anything else they can discover, it is possible to build an accurate profile of you as a person. That profile can then be used to advertise goods and services that marketers think will interest you.

Smartphone manufacturers like Google and Apple have begun to tighten up privacy, forcing apps to ask permission before gaining access to your GPS location, or your camera for instance. This has made it much harder for marketers to collect quite as much personal data.

But marketers are fighting back – and they’ve developed a new workaround to beat your phone’s security settings.

The untrustworthy trusty mobile browser

Every smartphone has a mobile web browser installed so you can surf the Internet on the move. Each mobile browser – Safari, Chrome, Edge etc – uses your phone’s sensors to ensure the website displays correctly. As you turn the handset from portrait to landscape, the page reloads to ensure you can read it properly.

Websites do not need your permission to access these sensors on your phone – and marketers have begun to exploit that fact. You will receive an alert if a website tries to access your location – but not for the other sensors like motion, lighting and proximity.

Advanced browser fingerprinting

By using the sensors on your phone, marketers can identify your phone every time you visit a site that uses their ad code. This “fingerprinting” gives them a chance to recognise you online – and start building a profile of you again.

Perhaps more concerning is that the motion sensors can detect tapping on the screen. That information can (in theory) be used to decode your password – the touchscreen version of a keylogger. By infecting a website with malware, they could potentially steal passwords as you login.

Time to install an ad-blocker

In most cases, researchers have found that it is not the websites you visit doing the tracking, but the ads that are shown to you. These ads are managed by networks that run in the background. Because these networks display ads with tracking code on thousands of websites, they can keep accessing your phone’s sensors to build up a detailed understanding of who you are.

You cannot block access to mobile sensors from your browser, so you will need another tool to assist. Mobile anti-malware like Panda Mobile Security can detect and block tracking scripts to protect your privacy. It will also ensure that hackers are prevented from breaking into your phone and stealing your personal data.

Act now to keep your phone secure – download a free copy of Panda Mobile Security today.