Security and Privacy Risks in DeepSeek’s Android App: Insights from Experts
Blog post from SSOJet
DeepSeek's AI applications for iOS and Android have been found to contain multiple security vulnerabilities, including hardcoded encryption keys, weak cryptographic algorithms, and unencrypted data transmission, which pose significant privacy risks by potentially exposing user data to interception and misuse. The apps collect extensive user data, such as device information and keystroke patterns, which are transmitted to servers associated with Chinese state-owned entities, raising concerns about data sovereignty and national security, especially due to potential data sharing with ByteDance. Regulatory bodies in Italy and Australia have blocked the app due to its inadequate privacy practices, and the U.S. Navy has advised against its use, highlighting the serious implications for organizations considering its deployment. Companies are urged to evaluate third-party applications against their cybersecurity policies, with a focus on secure authentication solutions like those offered by SSOJet, which provides robust Single Sign-On (SSO), multi-factor authentication (MFA), and user management services to protect sensitive data and ensure secure identity management.
No tracked trend matches for this post yet.