In Jul this year, the ‘honesty app’ Sarahah developed in the Saudi Arabia topped the list of most downloaded apps in the Apple App Store. Sarahah joins the list of apps that have become very popular among youngsters in a short time. Other similar apps are Yik Yak, Ask.fm, Secret, and After School.
The app is in news again for all the wrong reasons; experts recently claimed that it is accessing contacts on users’ phones, without asking for consent. Sarahah is being used by many people in the UAE, as they believe it’s a good way to share candid feedback, but it’s important that users are aware of this security risk.
According to Fortune Tech, the app harvests phone numbers and email addresses from smart phones in which it is installed. While the app seeks users’ permission to access their contacts, it doesn’t notify users that it will save their contacts.
Sarahah’s developer Zain al Abidin Tawfiq recently said on Twitter that this will be removed in the future while claiming that the app accesses people’s contacts for its ‘find your friends’ feature. Zain informed that soon the app will stop extracting contacts, but he has not committed by when this will be done.
Speaking to The Intercept, security expert Drew Porter explained, “I do find it concerning, mostly because the information that the company may be getting could be what other people consider very private, and you don’t know the security of the company that is getting it. We’ve seen popular apps before, total information leakage comes out, and it’s devastating to those companies. I believe it’s even more devastating to the user whose information was compromised.”
The app might also expose you to other dangers of the online world, such as cyber bullying, but that has nothing to do with a flaw in the app but depends on the way people use it.