Menu
Request A Demo

Cybersecurity issues in a Post-Covid World

July 6, 2020

A guests post by Oleg Gervalov, Co-Founder and COO of Dating Apps KeYou and Loft.

Cybersecurity is one of the critical issues that almost every app developer faces. Sooner or later, it requires a solution to attract (and keep) users and ensure compliance with applicable law. With billions of terabytes of data available online, it seems that any information about any given person can be somehow retrieved on demand. However, the ever-growing statistics of cybercrimes clearly demonstrates that lots of problems remain unsolved.

Online dating is an industry where privacy and transparency should be wisely mixed by app developers to ensure a safe and joyful user experience. So, what are the major problems dating services have to solve today in a Post-Covid world?

The most common yet pressing issues

One of the most harmful issues is a dating fraud. It’s a boosting sector of a darknet. For any new tool developed by the market players, scammers attempt to find a breach and regain access to user personal data by any possible means. The situation becomes even more complicated when some app developers start playing on the dark side. That is why a consolidated effort of legitimate developers is the only way to combat scammers and provide users with a safe dating experience. VpnMentor's recent report revealed an unprecedented personal data leak for 9 niche dating apps. Attributed to the same developer, it affected 100K+ users with almost 1TB of personal files disclosed. The information leaked included photos, names, financial info, and created immense risks of being used for criminal activities. To win over users in this ongoing struggle, app developers should always be one step ahead of cybercriminals. 

Another long-lasting personal data breach scandal involved Ashley Madison, a well-known dating service. The scandal is traced back to 2015 but continues to affect some of the victims today. At the time, 32 million accounts have been compromised with personal data, including names, addresses, and credit cards info. The immediate consequences in 2015 were quite dramatic and resulted in numerous resignations and divorces. Moreover, several suicides have been reported attributed to the confidential info of users becoming publicly available. Additionally, the leak has also disclosed personal data of Ashley Madison executives, including the company's CEO. As time passed, other problems related to the service became evident. In particular, Ashley Madison kept storing users' personal and financial info even after the user paid for it to be deleted. What's more, according to Vade Secure report published earlier this year, hackers came back in 2020 to request an equivalent of $1,000 to be paid in bitcoin within a very limited time. The blackmail targeted users in the US, Australia, and India. 

Fake accounts are also one of the most important problems. This phenomenon is not unique. With fake news shown here, fake clothes sold over there, and fake values spread elsewhere, it is not surprising for people to tend to change their look. However, creating a better version of you (either with graphic editors or simply sharing photos of other people) is the least of the evils users of dating services encounter nowadays. Cheating, asking for money, fraud, personal data compromised are much more serious threats. 

The Federal Trade Commission report reveals that Americans lost $200 million via dating fraud (compared with $30 million in 2015). With 25K+ cases reported, dating scam has become the most common consumer fraud. The median loss for Americans amounts to $500 and increases dramatically for older victims ($6K+). The anti-record is, however, held by a Japanese woman who wasted over $200K trying to help a man who pretended to be the US citizen. The statistics present a very unfortunate picture, with scammers getting "easy money" from the consumers via social engineering methods and simple fraud. Sadly, the vast majority of victims believed they were in committed relationships. 

What is even worse, not only scammers are involved in such illegal activities, but the dating market players themselves. How does it work? Some of these players have an advanced system of "bots" and earn a lot of money on the people who think that they communicate with real persons who have an intention to date. There is a net of employees of this dating app who 24 hours a day chat with users from different countries and beg them for virtual gifts. The price of such gifts starts at five dollars and exceeds five thousand dollars. There are users who've spent hundreds of thousands of dollars on such staff," he adds. How to tackle this problem? Well, dating services should definitely invest in and implement advanced technologies, including artificial intelligence, for user identification and revealing identity fraud. For many dating services, these high standards of cybersecurity are not achievable at all. Some players are only interested in getting profits and declaring "user comes first" in User Agreement only, while others are big enough to worry about personal issues of a dozen unhappy users.

The problem of cheating users is, in part, ethical, but considering the specifics of service in question, such behavior is somewhat expected though unacceptable. It inevitably raises the question of dating services responsibility. Maybe, it's time for market players to come together and develop universal security standards. 

The LGBTQ community and its specific vulnerabilities

Not only is the community generally vulnerable compared to other social groups, but also the fraction of its members are still closeted and prefer not to disclose their orientation and preferences. 

The case of Grindr, a niche hookup app for gay men, is quite illustrative and provides an insight into an overwhelming pressure experienced by LGBTQ people. In 2018 it became obvious that Grindr was not safe at all, potentially compromising up to 3 million users. So, what was it about? Names? Credit card details? Unfortunately, much worse. It was possible to pinpoint an EXACT user location in real time. This security breach opened almost unlimited options for cybercriminals, including but not limited to exertion (in-person), stalking, abuse, and violence. 

To address numerous user concerns regarding personal data safety, Apple has recently taken action. The IT giant has significantly increased security for Safari when implemented an option for users to block tracking their online activities. The tool was proven to be efficient and successfully blocked Google Analytics. This initiative should be exemplary for other market players. It actually shows that IT companies are capable of protecting users simply and efficiently.

Why, instead, some market players are so careless about users' safety? The answer can be very disappointing. That is, personal data can be collected and sold to third parties, including marketing and advertising companies. According to the report published by the Norwegian Consumer Council, the shared data include age, gender, sexual orientation, interests, habits, and even precise location. The report defined the practice as "insane violation of users' privacy rights". That is exactly what it is. While the Council is currently filing claims to be submitted to various responsible EU agencies, those in the US have been unheard of so far.

The good hope is for the same to happen in the United States very soon.

The Pandemic's impact and the transition to a new reality

The pandemic outbreak has dramatically affected our lifestyles. Countries around the globe declared a state of emergency and put stay-at-home orders in effect in an attempt to stop the spread of deadly coronavirus. As a result, billions of people have been almost locked in their apartments and experienced a lack of communication.

Accordingly, services implemented video calls benefited a lot. For the first time in history, virtual dates (KeYou has also implemented those) have become incredibly popular, leaving all other means far behind. This new reality brought to existence yet another cybersecurity issue. That is to make ever-growing traffic secure enough to minimize hackers' chances to disrupt communication and compromise users' video stream. The actual problem was first reported for Zoom that has recently become a leading tool for video conferences. From virtual classes and remote government meetings to private dates, the problem of cybersecurity is quite pressing and should be addressed as soon as possible. The claim is especially vital as we still need more time to return to normalcy.

Post-Covid world is a new reality we are gradually becoming accustomed to. Here and now, cybersecurity problems require breakthrough solutions and joint efforts. While more and more people are engaged in dating we, the app developers, should keep their trust and protect their privacy.