Since its launch last week, Pokémon GO has become something of a global phenomenon. However, the game’s developer, Niantic has received a good deal of criticism around how the app uses Google Account information that players give to access their profile in the game. Those claims are without foundation, though, according to that developer.
According to the Guardian, users of Pokémon GO on Android and iOS have been using the app, blissfully unaware that signing in with their Google account grants developers Niantic and The Pokémon Company full access to those Google accounts. It’s a decision that’s led many to question exactly why Pokémon GO‘s developers would need access to such information, ultimately creating for a number of security concerns for Pokémon GO players across the planet.
— Engadget (@engadget) July 12, 2016
Security concerns are especially prevalent on iOS devices, where the app is automatically given the ability to view and send emails, whilst also viewing and deleting Google Drive documents, along with accessing your YouTube viewing history and accessing contact details, all through the Google account used to sign-in to the app.
It’s easy to understand why players of Pokémon GO would be concerned by how much access the app has to their personal information. However, according to Eurogamer, the developers behind the game, Niantic and The Pokémon Company claim that the level of access awarded to the app was a mistake, saying “We recently discovered that the Pokémon Go account creation process on iOS erroneously requests full access permission for the user’s Google account.”
— Eurogamer.net (@eurogamer) July 12, 2016
They continued by explaining that Pokémon GO only uses a select amount of the data it collects, saying “However, Pokémon Go only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected.” The joint statement between Niantic and The Pokémon Company continued by claiming that, once they received reports from users about the issue, work immediately started on a fix to the issue.
RELATED STORIES ON INQUISITR:
That being said, for players of Pokémon GO who don’t fancy giving their Google account information to the app’s developers, Pokémon GO does allow for the creation of a native account, with an email and password reserved exclusively for use with Pokémon GO. Whilst developers Niantic and The Pokémon Company remain keen to stress that they’re not using the Google account information collected about their players, security conscious users are likely to opt against providing that information.
Niantic’s use of Google account information isn’t the only security concern surrounding the release of Pokémon GO. The game’s staggered release across the globe and lack of availability in some countries has led many players to downloading unofficial APK versions of Pokémon GO online. However, it’s quickly transpired that some of those versions don’t offer everything they claim to, effectively providing a back door into Android devices for hackers looking to steal information.
With an app release as high profile as Pokémon GO, security concerns are always going to be something of a given. However, the game’s developers are going to want to iron out those issues quickly, if they wish for Pokémon GO to see the same levels of success as it has done to date. The key issue around the security of APK downloads will likely be solved when Niantic and The Pokémon Company officially release Pokémon GO in major markets, including the United Kingdom and Canada, which is likely to come later this week.
[Image via The Pokémon Company]