Christian Mingle and more religious Android apps with downright sinful privacy policies

Facebook: How To Insert Link into Wall - YouTubeBefore you crack open that Bible app, make sure it’s not on our list of data devils. 

Sanda Stanca/EyeEm/Getty Sometimes developers of religious apps take the edict to be “fishers of men” too far, and sometimes the faithful put their faith in the wrong apps. As public focus on the security of apps on the Google Play Store intensifies following years of data leaks, adware infections, security scandals and malware contagions, little coverage has been devoted to one of the most commonly exploited types of Android app: those aimed at believers. 

Religious apps have long been dangerous, malware-laden territory. A widely profiled 2015 white paper from security research firm Proofpoint analyzed more than 5,600 unique Bible apps for Android and iOS. Proofpoint categorized 140 Google Play Store apps as “high risk” over suspicious behavior and flagged 208 apps for malicious code. The firm went so far as to say it had found more malware in Bible apps than even gambling apps. 

Proofpoint’s study wasn’t restricted solely to Christian-audience software, either. Of the 4,500 Quran apps it analyzed, 16 contained malware and 38 were classified “high risk.” Only two of the 200 Torah apps available at the time contained malware.

Despite these findings, Proofpoint did not share the names of any of the malware-laden apps at the time, telling several media outlets it was negotiating with the apps’ developers. But things have been quiet on the religious app front since then. A spokesperson for Proofpoint confirmed that the firm has not since released the names of the offending apps covered in the 2015 study.

Security issues with many religious apps — and apps in general, for that matter — start with permissions. “Normal” permissions are usually granted by Android — these let apps stay awake during use or get online when you tell them to. But “dangerous” permissions ask for sensitive data that, if mishandled, could easily compromise your privacy. 

Some permissions that could be considered dangerous may not put you in harm’s way — like when a book-reading app asks permission to save a book to your phone so you can read it offline. But sometimes these dangerous permissions include unnecessary requests for more information than needed. Those red flags alert you to an app’s overall security: That book-reading app doesn’t need to read your list of phone calls, pinpoint your exact location or change your system settings in order to function, does it?

Read more: 7 Android VPN apps you should never use because of their privacy sins

Most security researchers express a general rule of thumb: The fewer permissions an app requests, the better. For the faithful, a similar note of guidance might be found in Proverbs 20:19: “A gossip betrays a confidence; so avoid anyone who talks too much.”

These six popular apps aimed at a Christian audience talk to your phone far more than is necessary, potentially eliciting sensitive information. Here’s what you need to know before letting them onto your Android phone.

It’s time to turn over the table on data-trading Bible apps.

Godong/robertharding King James Bible apps
Little appears to have changed since the Proofpoint study emerged and Bible apps in the Play Store started coming under scrutiny. When you search for “Bible” in the Play Store, four of the top five search results request dangerous permissions from users. 

King James Bible (KJV) from Salem New Media (a freemium app) has accumulated more than 10 million installs and a rap sheet from Privacy International, which discovered the app sending user data to Facebook in March after claiming it had stopped. The app is still available on the Play Store, and still makes egregious requests of users’ data. 

New Salem Media wants the app to begin running as soon as your phone powers on (instead of when you open the app). Then it wants to know what other apps you have on your phone, what they’re doing now and in the past, who you’ve been calling and how often, and your precise location. The company also tracks your activity and gives advertisers access to you, according to its own privacy policy. 

With more than 5 million installs, the most popular free Bible app, according to the Play Store, is King James Bible (KJV) from iDailybread.org. 

It asks for many of the same permissions as New Salem Media. It also wants permission to create new accounts (of what kind? it doesn’t say), set passwords and change your settings to allow it to update whenever it wants. It also asks for permission to throw itself on top of other apps you’re using — giving it the power to change the appearance of your other apps or serve pop-up ads — and to start running as soon as you turn your phone on. 

The 99 Android apps maintained by Watchdis Prayers — including its King James Bible app — go even further: The King James Bible app wants permission to do all of the same things the above Bible apps want to do, and then it wants to control near-field communications — the system used by Android Pay. 

If you’ve installed any apps maintained by Watchdis Prayers, we strongly recommend uninstalling them and updating your passwords for any social media or email accounts you use on your phone — at least until you know what this company is doing with such a massive amount of personal data and access to your digital wallet. 

Watchdis Prayers’ only available contact information is a Gmail account purportedly manned in the Netherlands. It has no current privacy policy on its website, and offers no further information about who’s running the show. A cached version of the company’s site indicates it had a privacy policy last month, but it reads almost as cryptically as the blank page that replaced it.  

None of the three companies above responded to requests for comment. 

YouVersion Bible
YouVersion Bible is notorious for privacy violations and dangerous data collection. Yet, here it is: still seated firmly in the Play Store, racking up over 100 million installs with a whopping 22 permission requests. 

When Slate wrote about it back in 2013, the app’s creator said that YouVersion collected so much data even Google took notice and sent its own engineers to help parent company LifeChurch.tv “sort out how to store and analyze the flow.”

Today, the app asks for all of your contacts’ information and your precise GPS location. Then it asks for not only the information for any accounts you have for other apps on your phone, but the ability to use the accounts on your device. Like many others in this list, YouVersion wants to start running as soon as your phone turns on, instead of waiting until you open the app.  

The app’s creator, Bobby Gruenewald, told Slate all that data collection “is used to improve the experience of the app, with the aim of helping people globally to engage with the Bible.”

I think you should find a more secure app to engage with the Good Word.

But following this article’s publication, Gruenewald reached out to CNET to make a compelling case for YouVersion, and offered an update on how things have been developing since 2013. He said YouVersion has not only pared down its data collection, but actively aims to reduce it further.

He said he and his team now want a third-party privacy audit.

“It’s horrifying to me personally that any user would feel like we violated their privacy,” he said. “We view their experiences with the Bible as sacred.”

As Android app permissions have been narrowed through the years, YouVersion’s data collection practices have aggressively followed suit, Gruenewald said. He also said YouVersion has worked hard to never store user data that doesn’t specifically help the app function.

YouVersion had no choice but to request broad permissions like those requesting call log access in order to get the more narrow part of that permission, which would allow the app, for instance, to silence its audio when a user receives a phone call, Gruenewald said. The company has never implemented the use of the data, he added.

“We’ve actually worked with Google and others to make sure that we’re always refining best practices and wanting where possible to remove, if possible anything that wasn’t necessary,” he said. “I do this as an ongoing process.”

Despite being regularly approached by third parties through the years who beg for a slice of YouVersion’s anonymized data, Gruenewald said his company is a ministry that refuses to follow the business models of other free Bible apps who either monetize user data or share it.

“There are definitely some bad actors out there … and some of them have been extremely egregious and have made their app look like our app, and we’ve had to go through the court system,” he said. 

“Because of that, we want to do our best to be the gold standard.”

In an app market crowded with data exploiters, YouVersion’s ambition to establish the gold standard is a welcome one. And if it follows through with that audit, I’ll be the first to sing its praises.

Television evangelist and conservative political activist Pat Robertson poses in the control room for his 700 Club TV show. 

Wally McNamee/CORBIS/Corbis via Getty Images Christian Broadcasting Network
Famous for its 700 Club programming and its controversial host Pat Robertson, the Christian Broadcasting Network maintains 11 Android apps for download in the Google Play Store. The largest purveyor of the apps surveyed here, CBN also maintains one of the most detailed privacy policies we’ve seen. We don’t like what it’s doing with your data, https://www.facebook.com/ but we do like that it explains its usage in three readily accessible pages with layman-friendly language. 

Permission requests vary among each of CBN’s 11 apps, but three ask for enough information to warrant sober concern. 

CBN Radio presents itself as an app that just wants to broadcast your favorite Christian music. But there are enough requests in its permission list to present a case for avoiding the app altogether. It wants to know your precise location, and what kinds of phone calls you’re making and to whom and how often. It wants to be able to take pictures and video. And why does a radio streaming app need to begin running as soon as you turn on your phone? It doesn’t. 

The myCBN Prayer & Devotional App has even more red flags. With more than 100,000 installs on the Play Store, the app wants to know everything CBN Radio knows, plus it wants to control your flashlight, turn your Bluetooth settings on and off (a notable security concern), get a full list of all your contacts and any accounts on your phone, take control of your camera and microphone, https://www.facebook.com/ and control your location update notifications. 

The most concerning security issue with CBN apps may be that found in the permission requests of its children’s app, Superbook Kids Bible, Videos & Games. It’s generally not a good idea to allow an app to disable your lock screen, nor to start running as soon as your phone is turned on. But giving a kids’ app permission to take photos and videos of your child, as this one does — even as part of a feature allowing kids to upload their own pictures — after you’ve allowed it to disable your lock screen may be a bridge too far. 

Even if you trust CBN with access to your intimate information, data breaches have become a near-monthly reality for competitively secure companies. You can request CBN delete your data, according to its policy, but once your data is copied into the hands of CBN’s many third-party contractors, and their third-party contractors, there’s no way to unring the bell. 

We would love to know why CBN needs this much access and control to provide seemingly simple services, and whether it has a plan in place in the event of a serious hack. CBN declined to be interviewed for this story, however. 

Don’t give up your data on the first dating app.

Getty Images Christian Mingle and Christian Matrimony
Well-known dating app Christian Mingle has more than half a million installs on the Play Store, and was hit with a $500,000 fine in October of 2018 for automatically renewing subscriptions without users’ express consent. It requests an overwhelming 23 permissions from its users, including some particularly curious ones. 

Why does a dating app want to disable your lock screen, then get a full list of all the apps on your phone and your history of usage for each? Why does Christian Mingle need to know your precise location, when you’re making a phone call, who you’re talking to, and how often you talk to them? Most curiously, why does Christian Mingle need to control your flashlight?

The lesser-known Christian Matrimony app, from CommunityMatrimony.com, likewise raises questions. With more than 100,000 installs, the app wants to change your audio settings and get a list of all the apps you’ve already installed on your phone. Then, like Christian Mingle, it wants to find out who you’re making phone calls to. It goes beyond Christian Mingle, however, and asks for permission to directly call phone numbers. 

Representatives for both Christian Mingle and Christian Matrimony said they’d have someone call us back. So far that hasn’t happened. 

Cold Case Christianity
The Cold Case Christianity app is a promotional tool for the writing of public speaker J. Warner Wallace, with more than 10,000 installs on the Play Store. Once given permission, it can read your personal contact list, find out who you’ve been calling and how often, and record your audio and change your audio settings. It can also take a peek at your pictures. 

The most intrusive permissions allow the app to look at your personal calendar and confidential information, then create or change events on your calendar and email guests to those events (your friends, coworkers and anyone else in your contacts) without your knowledge. 

Apps generally shouldn’t do this. If they do, you should be able to find out what that app is doing with your information. But in the case of Cold Case Christianity, the website now redirects to the white-label commercial site Buildfire, and the privacy policy is likewise gone, last seen in 2017.

Wallace’s only contact information appears to be his booking agent, Matt Croaker, who returned our call. 

“I don’t think he’ll be interested in commenting,” Croaker said of Wallace. 

Exorcise this malevolent Bible malware. Stat. 

Getty Images Bible Verses App 
The Bible Verses App from SpringTech has been classified by a number of credible virus-watching companies as a browser hijacker, and infects your browser with spyware-packing trojans. It takes over your browser and forces you to redirect to its fake search engine, then it tracks all of your browsing activity and prevents you from changing any browser settings until it’s removed. 

Parent development company SpringTech no longer appears to have any contact information on the web. Get this extension and any related files off of your computer as soon as you can. Then change the passwords to all of your online accounts. 

To this end, PC Risk has a reliable walk-through on how to uninstall the Bible Verses App.

Now playing: Watch this: Loads of Android apps are skirting privacy controls 1:12 Originally published Oct. 2.
Update, Oct. 3: Adds comment from Bobby Gruenewald.

Comments Mobile Apps Security Culture Google Play Privacy Google Notification on Notification off Mobile

249 Responses to Christian Mingle and more religious Android apps with downright sinful privacy policies

  1. how many men are going blind from viagra buy viagra online delivery chewable viagra 100mg healthy man viagra phone number when will viagra be over the counter in usa what does viagra do if you don’t have ed cardiomyopathy and viagra

  2. Markbus says:

    biere viagra https://viagfr.com cialis ou viagra que choisir
    viagra france
    viagra avec ordonnance ou sans

  3. Buy viagra online canadian pharmacy hopeviagrin.com viagra tabs

  4. can viagra cause smelly gas how much bigger does viagra make a flaccid penis sildenafil citrate online india how much do 50mg viagra cost on the streets

  5. Kbrgdyen says:

    best viagra tablets india buy online viagra tablets in india us viagra over the counter

  6. llevitraaa says:

    cialis levitra staxyn and viagra cost comparison [url=https://llevitraa.com/]levitra buying[/url] levitra double dosage

  7. llevitraaa says:

    comprar levitra por internet [url=https://llevitraa.com/]generic levitra[/url] quanto dura erezione con levitra

  8. llevitraaa says:

    qual o melhor cialis levitra ou viagra [url=https://llevitraa.com/]generic levitra buy india[/url] nebenwirkungen viagra cialis levitra

  9. upugwqdtc sale on cialis [url=https://thinfi.com/wy1l]cialis everyday[/url] discount cialis celis pills can you buy viagra without prescription?
    cialis without a doctor prescription usa [url=http://musikayf.ru/user/WilliamsonCooper52/]herbal cialis[/url] cialis without a doctor lowest cialis prices tadalafil 5 mg

  10. white viagra says:

    should use generic viagra
    viagra online indian pharmacy
    female viagra price in india Avelt Scawn

  11. does viagra help you climax propecia online without prescription how much money does the military spend on viagra when will generic viagra be available in us

  12. llevitraaa says:

    levitra 10 mg erfahrungen [url=https://llevitraa.com/]levitra sales in usa[/url] male enhancement pills levitra

  13. llevitraaa says:

    welche dosis levitra [url=https://llevitraa.com/]cheap levitra for sale[/url] comparatif viagra cialis levitra kamagra

  14. llevitraaa says:

    difference between cialis and levitra [url=https://llevitraa.com/]levitra buy in uk online[/url] kur var nopirkt levitra

  15. what is good about viagra viagra for blood pressure pills that help with erectile dysfunction best webssite to buy viagra viagra works best when how to know when viagra is working

  16. qfstunnon cialis 20 mg usa [url=http://freeclassifiedsads.in/user/profile/103694]cialis for sale on internet[/url] cialis pill cailias cialis dose
    where can i get cialis [url=http://www.enjoycre.com/index.php?option=com_k2&view=itemlist&task=user&id=895452]coupon for cialis prescription[/url] generic cialis uk when will there be a generic cialis cialis walmart

  17. cbd oil for pain thru amazon cbd oil for pain management cbd hemp oil uses for health

  18. EarnestJaili says:

    cialis testosterone https://cialfr.com cialis agit au bout de combien de temps
    acheter du cialis en ligne
    ou trouver du cialis en vente libre

  19. EarnestJaili says:

    cialis internet https://cialfr.com cialis 20 mg 2 film tablet
    cialis pas cher
    ou acheter viagra ou cialis

  20. viagra 50 kaufen
    best web sites for viagra
    buy lithium quartz beads Avelt Scawn

  21. golden viagra
    viagra generic name
    female viagra tablets price in india Avelt Scawn

  22. fixcialsa says:

    sildenafil tadalafil and vardenafil [url=https://cialisfix.com/]cialis generico 5mg costo[/url] cialis daily online

  23. fixcialsa says:

    buy cialis no rx [url=https://cialisfix.com/]order cialis in australia[/url] price of genuine cialis

  24. Tgcrbt says:

    clomiphene tablets – https://clomisale.com / buy clomid online without prescription

  25. fixcialsa says:

    buy generic cialis online without a prescription [url=https://cialisfix.com/]order cialis 20 online[/url] cialis overseas

  26. DbsfShimi says:

    online viagra viagra over the counter uk price order viagra from canadian pharmacy

  27. FbsbQuele says:

    best way to maximize viagra becoming immune to viagra viagra 100 packungsbeilage

  28. where can i get viagra over the counter viagra heart what does viagra for women do what does viagra do?

  29. which is better viagra levitra or cialis alternative to viagra over the counter is viagra good for you where is viagra made 100mg viagra vs 20 mg cialis viagra on sale

  30. FdbvShimi says:

    viagra for sale in united states can i buy viagra over the counter australia viagra online cheap no prescription

  31. FbsbQuele says:

    forum achat viagra generique viagra pour femme tunisie che effetto ha il viagra

  32. fixcialsa says:

    tadalafil over the counter [url=https://cialisfix.com/]cialis viagra levitra differences[/url] legal buy generic cialis

  33. FmsgQuele says:

    ace inhibitors with viagra generic viagra reviews how to get rid of viagra headache

  34. cbd oil for pain thru amazon cbd cannabis seeds for sale does cbd oil help tinnitus

  35. fixcialsa says:

    productos parecidos cialis [url=https://cialisfix.com/]how to order cialis[/url] tadalafil sublingual

  36. fixcialsa says:

    cialis online bestellen original [url=https://cialisfix.com/]cialis ordering[/url] cialis 20mg side effects

  37. FdbvShimi says:

    where to buy real viagra online genuine viagra australia viagra india pharmacy

  38. FnrdQuele says:

    viagra in usa viagra for men viagra sale in malaysia

  39. Bmcmon says:

    write my paper for me – https://termpaperwr.com/ my father essay writing english essay help

  40. DbsfShimi says:

    where can you buy over the counter viagra online pharmacy australia viagra where to buy viagra usa

  41. Jsweflids says:

    lowest cost viagra online best generic viagra in india paypal viagra australia

  42. trying viagra how much does a single 200mg viagra in the us how much does viagra cost what are the active ingredients in viagra

  43. Jsweflids says:

    can i buy viagra online in australia generic viagra for sale in usa viagra online ordering

Leave a Reply

Your email address will not be published. Required fields are marked *

Powered by WordPress | Theme Designed by: axis Bank bca Bank bni Bank bri Bank btn Bank cimbniaga Bank citibank Bank danamon Bank Indonesia Bank mandiri Bank ocbc bank Panin Bank syaria hmandiri bundapoker dana google gopay indihome kaskus kominfo linkaja.id maybank ovo telkom telkomsel WA