No, Pokémon Go is not reading your emails – but it could access your Google account
Augmented reality gaming app Pokémon Go has taken the world by storm but the iOS version of the game is causing privacy concerns over how much data it has access too.
The Apple version of the hugely popular game – so popular in fact, Nintendo has seen a massive valuation boost since its launch on July 4 – has permission to access a vast array of personal data from Google accounts.
Pokémon players logging into the iOS app with Google accounts grant it certain access permissions by default. But unlike other applications, the game doesn't display what permissions will be granted. As first noted by computer architect Adam Reeve, the app for iOS is granted permission to access Gmail, Google Drive data, and full access to all data in the Google account.
A statement from the company, which was previously owned by Google, implies it wasn't aware of the access settings until it was approached by third parties. "We recently discovered the Pokémon Go account creation process on iOS erroneously requests full access permission for the user's Google account," its response said.
"However, Pokémon Go only accesses basic Google profile information (specifically, your user ID and e-mail address) and no other Google account information is or has been accessed or collected."
Niantic's statement on the issue continued: "Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google account information, in line with the data we actually access. Google has verified that no other information has been received or accessed by Pokémon Go or Niantic.
The California-based company said Google "will soon reduce" the permissions to the "basic profile data" the game needs and users don't need to do anything.
The permissions issue only relates to the iOS version of the game and is not the case with the Android download. Android players have had their own problems though.
A malicious version of the Android app has inbuilt backdoors that siphon user data and puts phones at risk.