MDR for Mobile Privacy Guide
MDR for Mobile Privacy Guide
As a cybersecurity company, we care deeply about your privacy. We make every reasonable effort to safeguard your personal information. Only authorized individuals may access it, and all access attempts are logged and tracked. We do not, under any circumstances, sell your personal information to third parties.
We cannot access your personal data. We cannot access your cookies, your web history, or any of your device’s contents (e.g., your pictures, your email messages, your texts, your contacts, your call history - we can’t access any of it).
Personal information
We collect and store the following personal information for the explicit purpose of delivering the mobile threat detection service:
- First name
- Last name
- Email address
Device data
Note: Device data is not tied to personal identifiers.
From https://www.zimperium.com/zimperium-eula/:
Device Data collected may include but is not limited to the following:
- The manufacturer and model of your device
- Certain technical settings of your device, including the display size of your device and firmware version
- Your IP address (which can indicate your country and geolocation)
- Wireless carrier for your device
- The type and version of operating system on your device
- Certain configuration data of your device, such as whether your device is configured to allow root access or whether hardware restrictions of the device have been removed
- In some cases, metadata of all applications installed on your device (including, but not limited to, the name of the app, the version of the app)
- Metadata about networks your device connects to (including, but not limited to, the SSID of the network)
- In certain circumstances, we may also collect a copy of the application
- URLs or domains of links which may be derived from End User policies
- Data from tracking tools used to analyze product performance on your device
- System monitoring data such as memory utilization, process metrics, network statistics (but no data like web pages or emails), and other non-user-identifiable type monitoring values.
App runtime permissions
NOTE: Because of differences between iOS and Android development, the specific permissions requested at runtime are unique to the operating system.
Upon installation, the app requests the following permissions on your device:
|
iOS - RUNTIME PERMISSIONS |
|||
|
PERMISSION |
REQUIRED? |
PERSISTENCE |
PURPOSE |
|
Camera access |
N |
N/A |
QR code scanning |
|
Notification |
Y |
App's lifetime |
Alerting user to potentially harmful activity & on-device responses |
|
Local Wi-Fi Network Permission |
Y |
When threat occurs |
Protection from Wi-Fi based attacks |
|
Location |
Y |
App's lifetime |
Obtain SSID and BSSID of the current Wi-Fi connection |
|
VPN Link Verification permission |
For phishing assistance: Y |
When threat occurs |
Phishing link verification |
| Android - PERMISSIONS | |||
|
PERMISSION |
REQUIRED? |
PERSISTENCE |
PURPOSE |
|
Camera access |
N |
N/A |
QR code scanning |
|
Notification |
Y |
App's lifetime |
Alerting user to potentially harmful activity & on-device responses |
|
Location |
Y |
App's lifetime |
Obtain SSID and BSSID of the current Wi-Fi connection |
|
VPN Link Verification permission |
For phishing assistance: Y |
When threat occurs |
Phishing link verification |
|
Battery Optimization |
N |
App's lifetime |
Adds app to Android battery optimization exemption list; permits notifications |
|
Device Storage |
Y |
App's lifetime |
access your device storage areas |
In the event of a cybersecurity incident, we record forensic data at the time of attack. The sections below describe the exact details of what we collect when a threat is detected.
Data collected for both Android and iOS devices
Location Data Detection Information
Location:
- Street
Device Data Detection Information
Operating System: The operating system loaded on the device.
Model: The manufacturer and model of the device
IP Address: The IP address for the device.
Network Data Detection Information
Connection Details
- SSID: device shows the network name (SSID) of the connected network.
- BSSID: device shows the BSSID of the connected network
- External IP Address: External IP address for the user’s device.
- Gateway IP address: Gateway IP address for the user’s device.
- Gateway MAC address: MAC address for the gateway for the user’s device.
- Nearby Wi-Fi networks: device shows the network name (SSID) and BSSID of the nearby wi-fi networks.
- ARP table of the device: This includes all local hosts in the LAN that interacted with the device.
- Route table of the device: This includes every IP the device contacted with the default gateway for each one.
- Carrier Information: Name of the carrier.
- Attacker network details including IP and MAC addresses: IP address and MAC address of the attacker’s device.
App Data Detection Information
Application Forensics:
The application forensics information is sent from the device only when an application threat is detected (for example, the developer name for the sideloaded app detected on the device).
Android-specific Detection Data
Device Data Detection Information
This device data is sent for Android devices:
Running Processes: The list of processes currently running on the device. (Optional) o Running Android services on the device.
App Data Detection Information
This app data is sent for Android devices:
- Application Binaries: The application binaries are collected and sent.
- Upload unknown APKs via Wi-Fi for app analysis.
- Application Inventory: The application inventory information is collected and sent
- List of applications installed on the Android device.