keyboard apps from android market

sarkar007

Regular
Regulars
Messages
1,008
Location
Thane
I am perfectly satisfied with the touch keyboard that comes in my HTC Sensation. But just out of curiosity I tried out a few free keyboard apps from the andriod market. During installation all keyboards ask permission to read all our data including email, web passwords, credit card numbers that we enter during transactions. How is this allowed? Why should a keyboard app have access to this info? These days even banking, paying bills etc is possible on mobile. That means all kinds of sensitive and private info. I am surprised that there isnt an outcry on this issue. Should we allow a keyboard app unrestricted access to our passwords? I would like to know what fellow members here feel on this issue.
 

Sushubh

Administrator
Messages
423,440
Location
Gurugram
you cannot type your password without using the keyboard right? so when you are typing your password or credit card information using the third party keyboard, it gets the ability to 'read' them. it's not like the app is trying to read the data stored on your phone. you are using it to type on your phone so it has the ability to know what you are typing. :confused:
 

sarkar007

Regular
Regulars
Messages
1,008
Location
Thane
yes, but why should it explicity request access to our passwords? does it send data back to the developer? why does it need to do it? does a computer keyboard request such access?
 


manu1991

Ancient Philospher
Regulars
Messages
7,334
Location
Delhi
IINM, requesting access to passwords doesn't mean that it is reading the passwords stored on your mobile but that when it encounters a password field anywhere, it 'reads' your input and forwards it to that field. If it doesnt have this right, then you WILL not be able to use it to type into password fields.also, does it have access to network communications? if not, how will it send data to the developer.
 

Sushubh

Administrator
Messages
423,440
Location
Gurugram
and of course most keyboard apps would ask for network permissions to download latest dictionaries. the point remains. if you are afraid, do not use them.
 

sarkar007

Regular
Regulars
Messages
1,008
Location
Thane
IINM, requesting access to passwords doesn't mean that it is reading the passwords stored on your mobile but that when it encounters a password field anywhere, it 'reads' your input and forwards it to that field. If it doesnt have this right, then you WILL not be able to use it to type into password fields.

also, does it have access to network communications? if not, how will it send data to the developer.

take a look at the attached screenshot. It 'collects' all data.



@chromaniac

it is not a question of me being afraid or not. the question is is it right for the app to do this!
 


manu1991

Ancient Philospher
Regulars
Messages
7,334
Location
Delhi
that is a general purpose android message that appears while installing ANY keyboard.
 

sarkar007

Regular
Regulars
Messages
1,008
Location
Thane
It appears while installing all keyboards. I am not saying one particular developer is doing it. All developers do it. Question is, is it right for them to do so?
 

Sushubh

Administrator
Messages
423,440
Location
Gurugram
yeap. google is warning you that a rogue app can do a lot of malicious things. the thing is simple. keyboard is a core app of the OS. and if you are using a third party app, you would need to give it too many permissions. and a rogue app can misuse that information. there is little google can do except to warn you comprehensively. the message clearly states that the app MAY do this and that. it does not say that it does that. i mean, would you use a lesser known browser to log into a banking website? it just has too many powers over your browsing sessions. just like a software keyboard requires the powers to see what you are typing!
 

manu1991

Ancient Philospher
Regulars
Messages
7,334
Location
Delhi
It appears while installing all keyboards. I am not saying one particular developer is doing it. All developers do it. Question is, is it right for them to do so?
 

Similar threads


Top