ToonMe, Laika, ToonArt and other photo editing apps that compromise data security

4 minutes read

The Lensa app uses artificial intelligence from Stable Diffusion to generate virtual avatars with artistic styles. (Tech Briefly)

editing apps Photographsespecially those that offer functions linked to artificial intelligence, have become popular in recent months and the use of each one, either for free or for I payrequires not only its installation in the devices of people but also, from permission to Photo gallery or at camera of smartphone.

Table of Contents

However, although these permits are required, the Applications They can not only access the data of the devicesbut more information related to the user and, sometimes, this data is used for other purposes.

TechMarkup analyzed nine random applications with the objective of knowing what type of data is shared and what it is used for, to determine if this data could eventually lead to dangers of cybersecurity.

These are: “Voi – AI Avatar App by Wonder”, “Laika – AI Photo Editor”, “ToonArt Cartoon Photos”, “Lensa: Photo Editor”, “Wonder – AI Art”, “Anime Style Photo Effect ”, “ToonMe caricatures of yourself”, “Editor Voilà AI Artist” and “AI Photo Enhancer”.

AI-powered photo-editing apps have access to user information. (Table: TechMarkup)

One of the characteristics of the applications that were analyzed by infobae the thing is Play Store makes a difference between the data that is collected by the application in order to provide a better service and the data that is shared with third parties with commercial purposes or other type.

“Laika – AI Photo Editor” is an example of an app that does not directly access the data of a device to be able to share them with third parties. It does not collect the information related to the performance and data of the device.

As can be seen in the analysis table of the Applications made by TechMarkup, applications can access data related to: Locationidentification (mail, name or ID), purchase history, photos and videosinteractions within the application or searches, performance of the app and other data from ID (device type, camera data, etc.).

Google Play has a section from which you can access the privacy policies of an application. (Capture)

The information collected by the applications, according to the policies of data usage Y privacy of each of them and which can be accessed at the end of the store page Play Storesays that it is used so that the application “communicates with you by sending you announcements, updates and security alerts, which we may send through a notification push, and responding to your requests, questions and comments”, as indicated Toon Art.

In other cases, it is to “improve the Services, customize the services and/or products we provide you, help with the development of our products and services”, among other functions indicated by the ToonMe platform.

In all cases, or at least in the vast majority, this information is encrypted, which means that it is protected by means of a secure connection at the time of sending, in addition, each person is allowed to send a request for deletion of the information that was collected or stored by the developers, which provides some safety to the data.

However, the case of “Wonder – Arte IA” is the most alarming because in addition to collecting in its systems almost all the data indicated in the analysis table of infobaeall these categories are shared with third parties, do not offer encrypted data transfers and do not allow the user to request the deletion of their data, so you can not do anything to prevent it from being used for commercial purposes, including the Photos that were uploaded to their systems.

AI photo-editing apps Wonder retains user information to “perform activities that ensure business continuity.” (Capture)

According to the information that is available in their policies of data use and privacyWonder processes this information with the aim of “carrying out activities that ensure the continuity of the business”, although no mention is made about what type of actions they refer to, but they have to do with “recordings visual and audio” which, together with the impossibility of removing the information of the application, it may not build trust among users.

Even though Codeway, the company that developed the appaffirm that it “undertakes to adopt all necessary technical and administrative measures and pay due attention to guarantee the confidentiality, integrity and security of personal data” and includes processes such as those anti virusVPN, encrypted storage within the company, among others, the images and videos that are collected, this information may be targets of cyber attacks.

In these cases, facial security biometric data could be compromised and, therefore, users who store data in systems that require access with this type of service could be affected in their cyber security. According to Domenic Molinaro, a cybersecurity expert, “in some countries biometric security systems are used to secure facilities. Other countries use these systems in security cameras and video surveillance, which is the most widespread application”.

“Although security systems Biometrics are difficult to hack due to their complexity and cannot be deciphered as if they were a password, but they can be compromised,” says Molinaro. “Biometrics attract hackers who are dedicated and skilled (…) once they are compromised, through theft or loss, users can be in danger forever.”

The most effective security measures to avoid being victims of someone else’s use of the biometric data is to configure two-step authentication processes on the devices that are used. In addition, it is possible to reduce the risk of a data breach by using up-to-date software and making sure you have an antivirus.

Keep reading: