MODA warns of cybersecurity risks in Chinese-made apps

Taipei, May 27 (CNA) Taiwan's Ministry of Digital Affairs (MODA) on Wednesday said the public should be alert to cybersecurity risks posed by four Chinese-made mobile apps, including Amap, which currently tops both the Android and iOS download charts for navigation apps in Taiwan.

The other three apps covered in the review were video platforms bilibili and iQIYI, and messaging app BIMOBIMO, according to MODA's Administration for Cyber Security (ACS), which announced the findings at a news conference in Taipei.

ACS Director-General Tsai Fu-Longe (蔡福隆) said the key concern with Chinese-made apps is that they transmit data to China, which poses "a greater risk to national security" and is something his agency wanted to bring to public attention.

ACS senior official Lee Yu-wei (李昱緯) added that under China's Cybersecurity Law and National Intelligence Law, the companies behind the four apps may be required to hand over user data, including that of Taiwanese users, to Chinese authorities.

ACS ran tests on the four apps using 15 indicators across four categories: reading data from other apps, collecting and sharing user data, accessing users' device information, and reading users' activity.

Among the four apps, Amap had the highest number of risk behaviors, with 11 detected on Android devices and eight on iOS devices, Lee said.

Risk factors found on both operating systems included continuously reading users' location, accessing contacts, audiovisual data, and microphone permissions, he said.

According to Tsai, ACS compared Google Maps and Amap and found that the Chinese developer requested more privacy-related permissions and that its Android version was found to transmit data while closed.

He said users should remain alert to risks posed by all apps, not only Chinese-made ones, by checking whether requested permissions are reasonable and using cybersecurity tools when needed.