Security flaws in dating apps putting users' privacy at risk

Security flaws in dating apps putting users' privacy at risk

LOUISVILLE, KY (WAVE) - With Valentine's Day right around the corner, millions of people worldwide will turn to the internet to find their special someone. A new Consumer Reports article says before you put your heart-on-the-line, beware! Hackers are targeting online daters by spying on users and stealing their personal information.

Checkmarx, a cybersecurity firm, found two security flaws in the IOS and Android versions of the dating app, Tinder. Launched in 2012,  Tinder operates in 196 countries and claims to have matched more than 20 billion people.

The concept is simple. Users view a picture and mini-profile of a potential match, then swipe right over the picture if they're interested in connecting with that person, and left if they're not. According to Consumer Reports, hackers are now able to see which profile users are looking at, and which way they swipe. The attacker could also replace an image with a different photo, a random advertisement, or even a link to a website that contains malware, which could potentially steal users personal information.

Toys 'R' Us plans to close 2 WAVE Country stores
List narrows to 4 in Bullitt Co superintendent search
Some retired teachers may see health premiums spike

Safety experts say it all comes down to encryption.

Normally, if you're using your computer to use the service, the "https" before the web address ensures it's a safe, encrypted, site. However, apps don't always use the encryption, making it easier for hackers to steal private information.

For the attack to work the hacker and victim must both be on the same wireless network - either an unsecured network or a public one, like a coffee shop or a WiFi hotspot.

Tinder released a statement saying its desktop and mobile web platforms do encrypt profile images, and the company is now working on encrypting images on its app.

Copyright 2018 WAVE 3 News. All rights reserved.