Warning outlines security risks of installing Voila app. Fact Check
A warning on social media advises against using the Voila smartphone app since doing so allows crooks to open up accounts in your name as well as being able to bypass facial recognition.
MIXTURE
An example of the warning is below.
DON’T DO IT!!!
This is what I’ve been saying about the cute and adorable pictures you are posting of you and your family:
FYI: Do NOT do the caricatures!!!!!
If you create the cute caricatures of your family members in the Voila app, you’re setting yourself up for potentially big security issues. My friend Kristen, who works in PR for a major cyber security company, shares the following:
Remember what I said the other day about not answering quizzes and questions on social media…
When you give them a clear photo of your face and that of every other family member and you do it through an app that requests access to certain data in your Facebook account… and you clicked yes on that button without ever thinking twice… When they open another account in your name…or worse… it’s not called hacking.
You willingly fell for a phish and handed over facial recognition and access to personal account information because it made your family look like Pixar characters.
Firstly, it is important to note that the general sentiment here that users should be wary when installing apps on their smartphones is sound. When you install any app, you are typically required to provide it access to information on your phone that it needs to function, and as such you should only install apps that you trust. There are always general security risks when installing such apps, especially apps designed for passing “entertainment” purposes (the same applies to Facebook apps.)
However, because the general sentiment of a warning is genuine, this doesn’t not necessarily mean specific allegations against a specific developer are going to be just as legitimate.
The warning above makes three claims about the consequences of using the Voila app.
1 – That handing over your photos will allow third parties to open another account in your name (we assume this is referring to cloning attacks.)
2 – You are handing over facial recognition control
And 3 – You are providing third parties with access to your personal information.
Regarding points 1 and 2, we rank both as unproven and unlikely. We rank point 3 as true.
Sponsored Content. Continued below...
With Point 1, we rank this unproven because we could find no evidence that this is happening regarding the Voila app. The app was developed by a company called Wemagine.AI. The company has a website and privacy policy that, on the face of it, appears to be a rather standard policy given the niche of the company. The policy outlines that it only retains data for between 24-48 hours –
RETENTION OF DATA
We also configure Google Cloud Platform to delete photographs, and the information associated with the photographs within 24-48 hours after the photograph was last used the App. This allows you to revisit the image for additional modifications during that time.
There is nothing to suggest, that we could find, that Wemagine.AI is using photos to create cloned accounts under a user’s name. We also rank Point 1 as unlikely because there are far more effective ways of cloning accounts. For example, on Facebook, crooks will duplicate the public facing profile photo and public facing account name to clone the account, as opposed to exploiting a photo uploaded by the user to an app. To avoid having your account cloned on Facebook, we recommend hiding your friends list and setting your account to private. (More on that here.)
Regarding Point 2, we again rank this as unproven given that there is no evidence that the developers Wemagine.AI are using photos to bypass facial recognition technologies. We also rank it unlikely because using photos to bypass facial recognition is extremely difficult. While the last few years have been littered with incidents of it being proven to be a possibility, these are generally isolated occurrences using a plethora of high-definition photos.
Sponsored Content. Continued below...
Regarding Point 3, it is true that you are giving third parties access to personal information about yourself when you install the Voila app. This is true of installing almost any smartphone app (hence our advice at the start of this article.) Wemagine.AI claim not to sell your information to third parties with the exception of subsidiaries and affiliates, contractors, service providers and others that support the business as well law enforcement. (under Disclosure of Data.)
To summarise, the warning expresses the correct sentiment about being wary of installing smartphone apps, especially ones you do not trust. However the specific allegations levied against the Voila app are unproven and appear to be more scaremongering than the passing on of accurate information. Given all of this, we opted to rank this claim as MIXTURE.