Are banned apps really banned?
Internet security threats have always been a major concern, but over the years it’s been the hacked versions of banned apps operating under the seams that have given governments a hard time.
India has a host of apps available in the market. For anything you can think of, there’s an app to the rescue. From booking a cab to ordering your favorite meal, apps are used for chores throughout the day. This popularity and dependence on apps has given rise to another app format: the APK.
Popularly known as Android Package (APK), it is a file format used by the Android operating system that allows users to install applications. It mainly contains files like manifests, layout files and classes.dex etc. which can easily be generated from Andriod Bundles APKs.
Another version of Mod APK allows users to unlock inaccessible features i.e. counter subscription plans or the latest version of the app. Users recommend downloading Mod from a “trusted source” because unknown sources can invite malware and dangerous code, leading to vulnerabilities that bypass authentication – with all your data exposed.
A recent study by Appknox indicates that 75% of India’s top 100 Android apps contain security risks, with even the most significant ones falling behind on the most basic security checks.
(Perceptions of Security and Privacy Access to Third-Party Apps for Google Accounts, November 2021)
Additionally, Google provides application programming interfaces (APIs) to enable authenticated third-party services by accessing a user’s account data. Such access could pose privacy risks, as third-party apps have unintended privileges on the account.
But what about apps accessible to users even after being banned?
Access to prohibited applications – a security hole
Last week, Minister of State (MoS) for Electronics and Information Technology (MeitY) Rajeev Chandrasekhar announced that the government had blocked access to a total of 348 apps, citing alarming concerns over collection and transmission of data to servers outside India.
However, in 2020, when the ministry banned 59 apps in India, it was the first ever large-scale ban. The government had said the apps in question were “prejudicial to the sovereignty and integrity of India, India’s defence, state security and public order”. The entire nation was taken aback. But the real question is how are these apps still accessible to many of us?
An internet search for “how to use banned apps in India” would flood your screens with endless results. But it’s not as simple as downloading it from a reliable source.
List of banned apps in 2020 (Press Information Bureau, Government of India, June 2020)
One of the most popular way to access it is through VPN (virtual private network), where user can hide IP address to access free content which is banned in real places. Using a reliable VPN can’t hurt, but not doing so can make the user vulnerable to cyberattacks.
According to Simon Migliano, global VPN usage increased by 54% in 2019. India and Indonesia are increasingly adopting VPNs, leading to the “invasion” of reliable VPN solutions in the mobile space and the need for security. India saw the most explosive growth of 405% from 57 million downloads. As adoption rates are high, security concerns increase along with it.
Due to the current geopolitical rift with China, the Indian government continues to ban apps due to data breach concerns. Users, however, are still finding ways to access these apps, but are the security issues really fixed?
“I downloaded TikTok and Camscanner on my new phone and use them almost every other day. VPNs have always provided a big loophole,” one user told the Deccan Herald.
What does this mean for the government?
From the first digital attacks recorded in 2004, a Surfshark study indicates that India is the sixth most violated country in the world. This means that 18 out of 100 Indians have had their details breached since 2004. The Indian government has already received reports of banned apps re-entering the market in new formats.
But what about versions available outside of third-party app stores?
The National Cyber Security Policy 2013 was a policy framework implemented to monitor and protect users from cyber attacks. With the significant increase in cybercrime activities, cyberthreats of such complexity call for a review of the rule. This would strengthen the cyberspace economy in the country.
India has certainly defended major cyberattacks in the past, but it is clamoring for better policy implementation. The internet is a vast space and we are all connected to the web. But we must also not fall into its trap.