Security and Data Protection in Locators

A phone number locator collects personal information about where you go, so if the wrong people get this data it can cause big problems, because it reveals your home, your workplace and all your daily routines.


Data Protection: Locking Data in Motion and in Storage

Data protection is a two-part job: the information must be safe while it moves from your phone to the server, and it must also be safe while it is kept on the server.

Protection When Moving

When your phone sends its location to the server, the data passes through many networks, so a hacker can try to listen in or steal this important data on the way.

  • Strong Lock (TLS/SSL and HTTPS):

    • All connections must use HTTPS, which is a safe type of internet link because it runs on the TLS protocol.

    • The TLS protocol works like a very strong lock (the modern versions are 1.2 and 1.3), and this lock keeps the communication channel secret, so if a hacker tries to read the data, they only see strange and meaningless symbols.

    • Certificate Pinning: This is like checking an ID twice because the app must not only trust the server's certificate but also know what the real certificate looks like, and this stops an attack called MITM where a hacker tries to pretend to be the real server to steal your data.

    • Strong Codes: The app must only use modern and strong ciphers to make the data secret, which are very hard to break even with big computers.

  • End-to-End Secrecy (E2EE):

    • This is the highest level of protection for your private information because the location data is locked on your phone and is opened only on your friend’s phone, which means the company's server acts like a simple postman.

    • Complexity: Because your location changes all the time, this approach is hard to build and needs a complex system to manage the secret keys, but E2EE guarantees that the locator company itself does not know your exact location.

Protection When Stored

Servers are like big data storage rooms, and if hackers break into them, they can get all your location history.

  • Keeping Data in a Safe (Database Encryption):

    • All saved locations must be locked with a very strong code called AES-256, which is a standard that many governments use, and the keys to this lock must be kept in a special, extra safe place so hackers cannot get the key and the locked data at the same time.

    • Physical Safety: The data must be stored in very safe data centers that have guards, cameras, and backup power to stop people from getting close to the computers.

  • Rules to Keep Risk Low:

    • Separating IDs (Anonymization): Your name and phone number must not be directly linked to your exact location, so the service uses a secret, temporary code (token), which makes it harder for hackers to find out who the stolen location belongs to.

    • Deleting Old Data: The company must have clear rules about how long they keep the exact data, for example, for 90 days, and after that time, the data must be deleted.

    • Making Data Blurry: Instead of deleting old data, the company can make it less exact, saving only the city or general area instead of the exact street coordinates, so no one can trace your specific path.
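As an added example (not from the article), this Python sketch shows the three risk rules above working together: a pseudonymous token instead of the user's name, the 90-day retention period, and blurring old coordinates to area level. All names, the key and the record layout are assumptions.

```python
import hmac
import hashlib
from datetime import datetime, timedelta, timezone

# Added example, not the article's code: pseudonymous IDs, a 90-day retention rule
# and coordinate blurring for old records. Key, records and names are constructed.

RETENTION_DAYS = 90          # the article's example retention period
BLUR_DECIMALS = 1            # 0.1 degree is roughly 11 km: area, not street, precision

def pseudonym(user_id: str, secret_key: bytes) -> str:
    """Token stored in the location table instead of the name or phone number.
    Only whoever holds secret_key (kept apart from the data) can link it back."""
    return hmac.new(secret_key, user_id.encode(), hashlib.sha256).hexdigest()[:32]

def blur(lat: float, lon: float) -> tuple:
    """Reduce a fix to area-level precision so the exact path cannot be traced."""
    return (round(lat, BLUR_DECIMALS), round(lon, BLUR_DECIMALS))

def apply_retention(records, now, mode="delete"):
    """Apply the retention policy to records shaped {token, lat, lon, ts}.
    mode="delete" drops records older than RETENTION_DAYS;
    mode="blur" keeps them, but only at area precision."""
    cutoff = now - timedelta(days=RETENTION_DAYS)
    kept = []
    for r in records:
        if r["ts"] >= cutoff:
            kept.append(dict(r))
        elif mode == "blur":
            lat, lon = blur(r["lat"], r["lon"])
            kept.append({**r, "lat": lat, "lon": lon, "blurred": True})
    return kept

# Constructed sample data: one fresh fix and one that is 100 days old.
SAMPLE_KEY = b"constructed-demo-key-keep-in-a-key-vault"
SAMPLE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
SAMPLE_RECORDS = [
    {"token": pseudonym("alice", SAMPLE_KEY), "lat": 52.5200, "lon": 13.4050,
     "ts": SAMPLE_NOW - timedelta(days=1)},
    {"token": pseudonym("alice", SAMPLE_KEY), "lat": 52.5170, "lon": 13.3889,
     "ts": SAMPLE_NOW - timedelta(days=100)},
]
```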

Access Only for the Right People: Authentication and Permissions

Authentication

  • Two-Step Check (MFA): This is the most important defense because if a hacker steals your password, they still cannot enter your account without a second thing that only you have, like a code from your mobile phone or your fingerprint.

  • Stopping Wrong Guesses (Rate Limiting): The service must block further login attempts after a few mistakes, which stops automatic programs that guess passwords (brute force).

  • Safe Password Storage: Passwords are never saved as clear text but are turned into a hash, a set of meaningless symbols, using strong and "slow" algorithms like Bcrypt or Argon2, and these slow algorithms make it too expensive and too slow for hackers to crack many passwords at once.

  • Session Control:

    • Your login session must be temporary and should end automatically after some time, and you must be able to see a full list of all devices that are logged into your account, including a button that lets you "Log out from everywhere."
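An added example, not the article's or any product's code, of the rate-limiting and slow-hashing rules above. It uses Python's standard-library scrypt in place of the Bcrypt/Argon2 the article names (same idea: deliberately slow hashing), and the lock-out numbers and names are constructed.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict

# Added example, not the article's code. scrypt (Python stdlib) stands in for
# Bcrypt/Argon2; the policy numbers below are constructed, not a recommendation.

MAX_FAILURES = 5          # lock the account after this many wrong guesses ...
LOCK_SECONDS = 15 * 60    # ... for this long

def hash_password(password: str) -> bytes:
    """Store salt || slow hash, never the password itself."""
    salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)
    return salt + digest

def verify_password(password: str, stored: bytes) -> bool:
    salt, digest = stored[:16], stored[16:]
    candidate = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)
    return hmac.compare_digest(candidate, digest)   # constant-time comparison

class LoginGuard:
    """Per-account brute-force limiter: after MAX_FAILURES wrong guesses the
    account is locked for LOCK_SECONDS, whatever password is supplied."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock                 # injectable so the lock can be tested
        self.failures = defaultdict(int)
        self.locked_until = {}

    def attempt(self, user: str, password: str, stored: bytes) -> str:
        now = self.clock()
        if self.locked_until.get(user, 0) > now:
            return "locked"                # do not even check the password
        if verify_password(password, stored):
            self.failures.pop(user, None)  # success resets the counter
            return "ok"
        self.failures[user] += 1
        if self.failures[user] >= MAX_FAILURES:
            self.locked_until[user] = now + LOCK_SECONDS
            self.failures.pop(user, None)
        return "denied"
```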

Who Sees What

  • Mutual Agreement: Location sharing must always be a two-way agreement, which means you give permission, and you can take that permission back easily.

  • Flexible Control: You must be able to change your settings very carefully:

    • Time Table: You can say, "Show my location only from 9 AM to 6 PM when I am at work."

    • Safe Zones (Geofences): You can say, "Show my exact location only when I am close to home, maybe 1 km away."

    • "Ghost Mode": This is a function that lets you hide your location from everyone, or just from one person, when you want some private time.

  • The Rule of "Know Little" (PoLP, the principle of least privilege) for the Company:

    • The company's staff (programmers, support) must only look at your data in very special situations, such as to fix a big error or if a court asks for it, and this access must be limited by time and recorded with a security log.


Threats and Attacks: What Locators Protect Against

Locators must protect against common internet threats and also against special attacks that try to fake location data.

General App Threats

  • Database Trickery (SQL/NoSQL Injection): A hacker types code into a simple text box, like the login field, and this code forces the database to give up a list of users or to change passwords.

  • Inserting Code (XSS): A hacker puts code onto a page, and this code secretly steals your temporary login key (session cookie) when you open the page, and then the hacker uses this key to enter your account.

  • Leaks from Wrong Settings (API Configuration): This is a common problem because if a programmer forgets to check whether the person asking for a location is allowed to see it, a hacker can get the data of any user just by trying different user IDs.

Clever GPS Attacks and Tricks

  • Fake Location (GPS Spoofing): A hacker can use special phone programs to send wrong location coordinates, so they can lie to a parent or boss and make them think the person is home when they are really somewhere else.

    • Technical Defense: The server must check that the data is plausible, because a person cannot move at 500 km per hour, and the system should also compare the GPS data with other signals like nearby Wi-Fi networks and the phone's motion sensors to know whether the location is real or fake.

  • Account Theft (Phishing/ATO): Hackers send fake emails that look official to steal your login and password.

    • Defense: MFA is the best defense here, and the service must also send you a warning if someone tries to log into your account from a new place, for example, from a different country at 3 AM.

  • Threats on the Phone:

    • Unsafe Local Storage: If the app saves secret data like keys or tokens on the phone without locking them, other software on your phone can easily steal them.
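An added Python example (not from the article) that brings together the owner's sharing rules from the "Who Sees What" section (time table, geofence, Ghost Mode, and the per-request permission check the API section calls for) with the speed-based GPS plausibility check above. The settings layout, function names and coordinates are assumptions.

```python
import math

# Added example, not the article's code: the owner's sharing rules (time table,
# geofence, Ghost Mode, explicit permission) plus the speed check against GPS
# spoofing. Settings layout and names are assumptions; coordinates are constructed.

EARTH_RADIUS_KM = 6371.0
MAX_SPEED_KMH = 500.0   # the article's figure: nobody really moves this fast

def distance_km(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance between two coordinates, in km."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlam = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))

def may_share(settings, viewer, hour, lat, lon):
    """True only if every rule the owner configured allows viewer to see this fix."""
    if settings.get("ghost_all") or viewer in settings.get("ghost_for", ()):
        return False                      # Ghost Mode: hidden from everyone or one person
    if viewer not in settings.get("allowed", ()):
        return False                      # permission is explicit and can be revoked
    window = settings.get("window")       # e.g. (9, 18) for "9 AM to 6 PM"
    if window and not (window[0] <= hour < window[1]):
        return False
    fence = settings.get("fence")         # e.g. {"lat": .., "lon": .., "radius_km": 1.0}
    if fence and distance_km(lat, lon, fence["lat"], fence["lon"]) > fence["radius_km"]:
        return False
    return True

def is_plausible(prev, cur):
    """Reject a new fix ({lat, lon, t} with t in seconds) if reaching it from
    the previous one would need a speed above MAX_SPEED_KMH."""
    hours = (cur["t"] - prev["t"]) / 3600.0
    if hours <= 0:
        return False                      # out-of-order or duplicated timestamps
    speed = distance_km(prev["lat"], prev["lon"], cur["lat"], cur["lon"]) / hours
    return speed <= MAX_SPEED_KMH

# Constructed sample: home in Berlin, shared with "mom" from 9 to 18 within 1 km of home.
SAMPLE_SETTINGS = {
    "allowed": {"mom"}, "ghost_for": set(), "window": (9, 18),
    "fence": {"lat": 52.5200, "lon": 13.4050, "radius_km": 1.0},
}
```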

Your Rights: Privacy Policy and Trust

Legal Rules (GDPR and Others)

  • Big Laws: The service must follow strict world laws like GDPR (Europe) or CCPA (USA) if it works with people from those places.

  • Your Rights: These laws give you the right to:

    • Know: What data is taken and how it is used.

    • Fix: Ask the company to change any data that is wrong.

    • Delete ("Right to be Forgotten"): Ask the company to completely delete all your location data and your account.

  • Limited Use: Location data can only be used for the reason you said was okay, for example, family tracking, and the company cannot secretly use it for advertising or selling it to other people without asking you again.

Clear Rules and Your Clear Agreement

  • Simple Words: The Privacy Policy must be easy to read and understand because important points must not be hidden in very long legal text, and the company must clearly say what is collected, how long it is saved, and who else sees it.

  • Active Agreement (Opt-in): You must clearly agree to the tracking, which means the company cannot just think you agree by default, and you must have the power to stop your agreement at any time.

    • "Right Time" Agreement (Just-in-Time Consent): Before you turn on a new location feature, the app must show a small message that explains why it needs your data and what it will do with it.

  • Third-Party Control: If the service uses other companies like Google Maps for showing the map, it must clearly write down what part of your data goes to them and how these other companies keep it safe.

Conclusion

So using E2EE encryption, two-step login and strict control of internal staff access makes the technical locks strong.

Also, taking as little data as possible and being completely open with the Privacy Policy are the basis of trust, which is why a service can only be trusted with your personal location if it gives you full control and works in a very clear way.