Incognia Mobile App Study Reveals Low Detection of Location Spoofing in Dating Apps
With over 323 million users of dating apps worldwide, study finds location spoofing is a threat to user trust and safety.
August 2, 2022
PRESS RELEASE
Palo Alto, CA -- August 2, 2022 -- Mobile identity pioneer Incognia today announced the publication of the results of its first Location Spoofing Mobile App study: Dating Edition. The study was conducted to test how susceptible mobile dating apps are to location spoofing. The report studied 24 leading dating mobile apps worldwide, including: Tinder, Hinge, eHarmony, Match, OkCupid, Grindr, and more.
Within the United States, the Federal Trade Commission has reported $549 million lost in romance scams within 2021, which is up 80% from the prior year. Using fake personas and identity fraud to "catfish" unsuspecting users, fraudsters are targeting dating apps for financial gain. The latest Incognia Location Spoofing Mobile App study of dating apps analyzes how dating apps make use of user location to provide potential suitors and how these apps are susceptible to location spoofing. The lack of location-spoofing detection capabilities is an issue because it enables scammers to target users in any location, putting 323 million users worldwide at risk.
There are five main methods fraudsters use to spoof location: VPNs and Proxy servers, GPS spoofing apps, emulators, instrumentation tools, and app tampering. The Incognia Mobile App study found that 80% of tested dating apps request users to share location, and 37% of the apps that requested location were easily GPS spoofed. The study found that 50% of dating apps in North America and APAC could be spoofed using GPS-spoofing apps. Notably, none of the dating apps tested from EMEA could be GPS spoofed.
"With 3 out of 10 U.S. adults using a dating app, ensuring the safety and trust of users is critical, given catfishing and fraud attempts are on the rise," said André Ferraz, founder and CEO of Incognia. "Dating and social apps are vulnerable to fraudsters faking their location to target a broader set of users. These apps are exposed to fraudsters' location-spoofing attempts that can result in financial theft and trust and safety issues."
To conduct this study, Incognia first downloaded each app on an Android device and created a new user account, then observed if the app requested the user to share their location and also if the app displayed the user location. Next, a GPS-spoofing app was used to spoof the user location and it was observed if the app detected the spoofed location or real user location. More sophisticated methods such as app tampering were not tested for this report.
Key data points from the report include:
80% of the tested apps requested the user to share location. None of the apps provided messaging that the user location was being used for fraud prevention.
37% of the apps that requested location could be easily GPS spoofed.
50% of the apps in North America and APAC could be GPS spoofed.
None of the tested apps from EMEA could be GPS spoofed.
To read the full report and analysis, please download the Incognia Mobile App Location Spoofing Report.
In support of trust and safety, Incognia is offering a complimentary location spoofing audit to any company offering location-based services via a mobile app. Sign up for a complimentary Location Spoofing Audit to get an assessment of how much location spoofing is happening in your app.
About Incognia
Incognia is a privacy-first location identity company that provides frictionless mobile identity and authentication solutions for fraud prevention and trust and safety. Deployed in over 200 million devices, Incognia delivers a highly precise risk signal with extremely low false-positive rates to banks, fintech social, gaming, and mCommerce companies, for lower fraud losses, increased mobile revenue, and to support trust and safety for users. Incognia's award-winning technology uses location signals and motion sensors to silently recognize trusted users based on their unique behavior patterns and is a key enabler for zero-factor authentication.
Incognia is privately held and headquartered in Palo Alto, California, with teams in New York and Brazil.
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024