Skip to main content

Be careful! More and more apps are silently listening to you

coffee shop wifi
Monkey Business Images/Shutterstock
A device tracking technology called SilverPush has been thrust back into the limelight, following several years of concerns, after a team of researchers found that, even though most users are unaware of its presence on their smartphones, its use is on the increase. What does SilverPush do? It uses the microphone on your smartphone to listen for special ultrasonic signals embedded in audio content, or sent by beacons, to anonymously track location, habits, and media use.

Why do this? It’s an excellent way of determining if you pay attention to advertising, and in conjunction with other data, it’s a way to tailor new ads that will appeal to you. If your smartphone has an always-listening mode, such as that used for Siri, Google Assistant, or other virtual assistant programs, then SilverPush can also hear the ultrasonic audio markers sent out to it.

Recommended Videos

These markers may come from in-store beacons, your television, or any audio system. Potentially, it could reveal if you stopped to look at the new promotional items in a store, if an ad on TV made you look away from your phone, or if you picked up your phone to visit a website after seeing an ad. Think of it as the audio equivalent of a browser cookie.  Its presence “emphasizes the step between spying and legitimately tracking is rather small,” say the researchers.

Apps with millions of downloads

The team looked for apps with SilverPush’s code inside, along with code from other companies offering similar services such as Lisnr and Shopkick. It discovered SilverPush technology inside 234 Android applications, all of which can listen for ultrasonic audio clips embedded in audio from a television, and do so without your knowledge. Rather than only being found in shady apps few people will download, several apps apparently have millions of downloads, and include those produced by McDonald’s and Krispy Kreme.

We contacted both for comment. McDonald’s U.S. and McDonald’s U.K. representatives each responded that the technology isn’t in use by their company. Krispy Kreme U.S. has yet to respond, but the company’s U.K. office replied with the following statement:

“We do not use any technology in the U.K. that would enable us to access the microphone of a smartphone or any other device.”

Why the renewed interest in the tech? It’s because SilverPush’s use in apps is on the increase, as only six apps were found with SilverPush technology in 2015, compared to the more than 230 now discovered. However, while the potential for SilverPush and related technology to be used for covert tracking is there, and it’s gradually appearing more in our apps, it’s not being exploited at the moment.

The research team didn’t find any television content with the ultrasonic audio embedded inside, for example. The team also noted the hardware on many phones may not be up to the task of hearing these ultrasonic clips, and that the Android operating system will warn you if an app requires specific permissions to access audio, allowing you to deny the request at installation. Plus, as McDonald’s and Krispy Kreme’s response indicates, the software may not be used in apps available in all territories.

It appears that while ultrasonic tracking technology is being investigated, its full potential to become a legitimate privacy concern hasn’t been realized. Drawing attention to it may help prevent the technology from becoming a wide concern; but because we’ve been hearing (if you’ll forgive the pun) about SilverPush since 2015, and had several warnings about it in 2016, it appears the message hasn’t quite gotten through yet.

Article published 05-09-2017. Updated on 05-09-2017 by Andy Boxall: Added in comment from McDonald’s and Krispy Kreme.

Andy Boxall
Andy is a Senior Writer at Digital Trends, where he concentrates on mobile technology, a subject he has written about for…
If you have one of these apps on your Android phone, delete it immediately
The app drawer on the Google Pixel 8 Pro.

The NSO Group raised security alarms this week, and once again, it’s the devastatingly powerful Pegasus malware that was deployed in Jordan to spy on journalists and activists. While that’s a high-profile case that entailed Apple filing a lawsuit against NSO Group, there’s a whole world of seemingly innocuous Android apps that are harvesting sensitive data from an average person’s phone.
The security experts at ESET have spotted at least 12 Android apps, most of which are disguised as chat apps, that actually plant a Trojan on the phone and then steal details such as call logs and messages, remotely gain control of the camera, and even extract chat details from end-to-end encrypted platforms such as WhatsApp.
The apps in question are YohooTalk, TikTalk, Privee Talk, MeetMe, Nidus, GlowChat, Let’s Chat, Quick Chat, Rafaqat, Chit Chat, Hello Chat, and Wave Chat. Needless to say, if you have any of these apps installed on your devices, delete them immediately.
Notably, six of these apps were available on the Google Play Store, raising the risk stakes as users flock here, putting their faith in the security protocols put in place by Google. A remote access trojan (RAT) named Vajra Spy is at the center of these app's espionage activities.

A chat app doing serious damage

Read more
Have a Samsung phone? This is the one app you have to download
Samsung Goodlock app logo.

The main page of the Samsung Good Lock app Nadeem Sarwar / Digital Trends

Samsung’s One UI is a mine of hidden features, especially for users that are deep into customizing every aspect of their phone. The most obvious place to start is enabling the developer options and digging into the Labs section. But there is still a ton of functional and aesthetic ground left to cover, which is often not possible even if you turn to third-party tools and launchers.

Read more
What is WhatsApp? How to use the app, tips, tricks, and more
WhatsApp logo on a phone.

There’s been no shortage of instant messaging apps over the past decade, as the rise of advanced smartphone platforms has created the need for more sophisticated ways to communicate than traditional SMS text messages allowed for.

In fact, the Apple App Store and Google Play Store are both littered with apps that promised to be the next big thing in mobile communications. Yet, many of those fell by the wayside as they failed to achieve the critical mass of users needed to make them useful. After all, apps designed for communicating with others don’t do you much good unless enough folks are using them. Luckily, WhatsApp made our list of the best iPhone Apps and our infamous list of the best Android apps out there.

Read more