Users Tracked Through Their Device’s Battery

User tracking is getting more and more advanced. A way of gathering user data was reported in a recent study by Princeton University. Crooks use the Battery Status API of web browsers to track their activity.

What’s a Battery Status API?

The Battery Status API is an HTML 5 feature for websites, online services, and other internet entities to get data from their users’ battery data. It was first implemented in 2015. The idea behind the Battery Status API is to improve power management. Depending on the battery levels of the used device, the API would regulate power consumption. The tech was developed by W3C (World Wide Web Consortium), a company for development of web standards.

It sounds like a fairly reasonable feature. The problem is that the battery can be used for tracking. The battery status of each user can be identified, and the info used to follow his/hers activity on the Web. Most users probably weren’t aware of the web tool.

Who can use the Battery Status API tracking?

The report by the Princeton team states that the tracking method is already being used by two big ad scripts. It’s possible that more advertisers use the tracking method. It wouldn’t be the first unethical method of data gathering used by ad agencies.

The Potential Dangers Of Collecting User Information

Browser hijackers are another questionable way of data collection. While these practices are annoying, they aren’t strictly speaking, illegal, as users technically agree to it merely by using the services. Some users are willfully ignorant of this information gathering, and most don’t care. Most web advertising is annoying, but that’s not the worst side of data gathering. All collected information is stored, and it’s unknown where it may end up in the future. Malicious ads can pose a cyber-security, as a lot of viruses and malware is spread through malicious pop-ups and banners. The more serious threat is in case their servers get hacked, the collected information can be stolen and used for more nefarious purposes. Just because the information is relatively safe now, doesn’t mean it’ll be safe forever. A good example is the recent hack of Telegram. The application itself didn’t abuse customer information, but the security breach sure did. 15 million phone numbers were compromised. The hackers got information that may threaten the safety of some users who are in delicate political situations, like journalists or activists. As the Battery Status API case proves, the tracking methods are only going to get more advanced.

Was this content helpful?

Author : Joseph Steinberg

Joseph Steinberg is the editor-in-chief, lead content creator, and local father figure of Best Security Search. He enjoys hiking and rock climbing and hates the 12345678 and qwerty passwords.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *