Many well-known smartphone brands such as Xiaomi, Oppo, and Vivo, which maintain keyboard apps, are transferring into a pathetic security condition due to exposed flaws identified within those apps. On the other hand, trackers that record users’ pressing sessions and text on the device can also reveal confidential inputs for offenders.
This issue was inspired by a recent Citizen Lab report that exposed a basic security issue with many keyboard applications used by the brands Nokia, Sony Samsung, and Huawei. The relevant applications involve Quanming by Tencent, Baizhang by Baidu, iTalk by iFlytek, and the default keyboard application on Samsung phones.
Moreover, Xiaomi devices with Baidu, iFlytek, and Sogou keyboards and Oppo phones with Baidu and Sogou panels also suffer from these vulnerabilities, while devices such as Vivo that incorporate the Sogou IME are also affected.
Researchers stress that hackers can easily exploit these vulnerabilities remains a latent threat, where data can be intercepted on the fly without raising any eyes. Only Tencent and Huawei have posted the fixes for the security issue by April 1st, although it is strongly advised to keep those keyboard apps updated.
In order to decrease the danger level, Citizen Lab suggests gesture password applications that keep the main data on a device instead of on the servers.
This recommendation is even more topical given the wide web popularity of these mobile applications in China and other countries of the world, as millions of users are prone to hacking and other information infringement.
Smartphone users must be wary and ready to take the required precautions to guard their personal and very sensitive information in this endlessly connected world among devices.