Potential leak of net-banking details when using Xiaomi, Vivo, and Oppo phone keyboard apps

Many people use smartphone keyboard apps, and some popular smartphone makers face massive security risks because of them. Xiaomi, Oppo and Vivo, among other brands, ship keyboard apps that can be used to reveal details of the keystrokes typed on the phone. For example, when we use food delivery apps to order food to our homes, we often pay through online banking, which requires passwords and PIN details. When one uses such keyboard apps, the keystrokes are registered but not stored. The security issues in these apps could potentially expose those keystrokes to bad actors.

Details of this latest risk came this week from the Citizen Lab, which discovered the issues in keyboard apps that are also used by popular smartphone makers such as Samsung and Huawei.

Which Keyboard Apps Face Security Risk

  • Baidu IME
  • Baidu IME on Honor
  • Baidu IME on Oppo
  • Sogou IME on Vivo
  • Sogou IME on Xiaomi phones
  • iFlytek IME
  • Tencent QQ Pinyin
  • Samsung keyboard

It appears that the impacted keyboard applications are primarily utilised in China on devices from these specific brands. However, potential risks cannot be disregarded for millions of Xiaomi, Oppo, and Vivo users across the globe.

According to the researchers, the significant threat posed by these keyboard applications is the potential for hackers to decrypt keystrokes without triggering any alerts. Fortunately, the security concern has been communicated to the developers of the keyboard apps listed above, and it appears that most of them, with the exception of the Honor and Tencent app developers, had addressed the issue by April 1, 2024.

Citizen Lab has strongly advised people to keep these apps updated to their latest versions and, if possible, to use keyboard apps that do not store keystroke data.