There are two versions of this application on Google Play.
Between the two versions there are more than 200 million users. GO Keyboard – Emoji keyboard, Swipe input, GIFs has a user rating of 4.5 stars; the very similarly-named GO Keyboard – Emoticon keyboard, Free Theme, GIF has a rating of 4.4 stars.
Security researchers have recently discovered that this application, produced by Chinese developers GOMO Dev Team, was sending personal data and information about its users back to remote servers. It was also as “using a prohibited technique to download dangerous executable code.”
Prohibited by Google
Downloading executable code, such as dex files or native code from a source other than Google is not allowed, according to Google’s policies. According to the security researchers, that is exactly what the GO Keyboard application was doing.
“Without explicit user consent, the GO keyboard reports to its servers your Google account email in addition to language, IMSI, location, network type, screen size, Android version and build, device model, etc.”, said Adguard.
“We Will Never Collect Your Personal Info”
GO Keyboard’s developers clearly mention in the app’s description on Google Play Store that they don’t collect any kind of personal information,
We will never collect your personal info including credit card information. In fact, we cares for privacy of what you type and who you type! [sic]
On the contrary, this is the exact opposite of what the application does.
According to Adguard, the application shares personal information right after installation and communicates with dozens of tracking servers and has also has access to sensitive data on your phone.
What’s actually scary is that several modern apps collect and send your private data to their servers. Adguard adds that this is fairly common in modern apps even though it goes against Google Play policies.