Playing hide and seek with mobile dating applications

Abstract

Recently, a wide range of dating applications has emerged for users of smart mobile devices. Besides allowing people to socialize with others who share the same interests, these applications use the location services of these devices to provide localized mapping of users. A user is given an approximation of his proximity to other users, making the application more attractive by increasing the chances of local interactions. While many applications provide an obfuscated location of the user, several others prefer to provide quantifiable results. This paper illustrates that the user’s location can be disclosed, with various degree of approximation, despite the obfuscation attempts. Experimenting with four of these applications, namely MoMo, WeChat, SKOUT and Plenty of Fish, we show that an attacker can easily bypass the fuzziness of the results provided, resulting in the full disclosure of a victim’s location, whenever it is connected.