October is National Cyber Security Awareness month. There are tons of free mobile apps on the market, but there are actually "hidden fees" lying in those apps. Some free apps are looking for something in exchange. Read on to find what you are willing to trade. This is part 7 in a series of blog posts we will be publishing on various topics aimed at educating you on how to stay protected on today’s Internet landscape.

Mobile apps have transformed the way we interact with our smartphones and tablets. If you’re looking for a quick way to access your bank accounts, a tool to make you more productive while you’re on the move, or a game to help pass the time while you’re waiting for a bus, there’s an app for that. In turn, consider the fact that everything you are doing on your phone is stored on it as well. With smartphones becoming a bank of our personal data, clearly privacy is a growing concern. However, privacy breaches don’t always come from mobile malware or phishing attempts.

With hundreds of thousands of free apps on Google Play, for instance, there are often lots of options to choose from in each app category. The fact that many can be downloaded in a matter of seconds means that you’re only moments away from installing a tool that could bring innovative new functionality to your mobile device. However, the simplicity and instant gratification of the download process can also be your worst enemy. You may see or hear about a great free app that is all the rage amongst your friends, and rush to download it so that you can join the party. However, have you ever stopped to consider what really makes that app a free app?

The Hidden “Fees” In Free-To-Use Mobile Applications

Almost 50% of free apps utilize in-app advertising, according to Symantec Threat And Response (STAR) data as of August 2014. Some apps have in-app ad libraries that come packaged with the app. During the installation process, users might not realize that there can be other applications bundled within the app that they are downloading.  The permissions you grant to the parent app are also granted to the other, bundled apps; in this case, the in-app ad library. These permissions allow the ad library to potentially have access to location services, your address book, text messages, emails and more. These libraries can then use these services to aggressively track the your usage habits in order to tailor the ads to your interests. These advertisements can cause very intrusive and annoying behaviors that will impact your mobile experience, such as placing ads on your notification bar or placing icons on your home screen, which can link directly to ads. Essentially, this information and placement of ads on your device are hidden “fees” that you would be “paying” for using the app. In addition to privacy invasion, these secondary apps can also be a huge drain on your phone’s hardware, such as the processor and battery life.

A little extra caution can go a long way to help you stay protected:

• When installing an app, closely examine what services the application requests access to. Why would a weather app want access to your address book? Also, realize that it is ok to deny permission to the app if the request doesn’t seem relevant to the application’s functions.
• No one wants to do it, but when downloading an app, read the Privacy Policy before installing it. The Privacy Policy should give you a good picture of what information the app intends access on your phone, and what it intends to do with that information. If that information is unclear in the Privacy Policy, then don’t download the app, as you’ll be left in the dark as to exactly what happens with your information. Once you have agreed to the User Agreement, you legally grant the application developer permission to collect personal information, and do whatever they please with it, which sometimes involves selling that data to a third party. Reading the User Agreements and Privacy Policies of an app will allow you to make an informed decision about how much of your privacy you are willing to give away.

Con Mallon, Senior Director – Consumer Mobile Product Management at Symantec, points out below in his three top tips for app security and says that there are a number of telltale signs on Google Play designed to provide transparency about an app’s credentials.

Three Top Tips For App Security

• Take time to read the reviews of apps in the app store – the rating of the app can and will tell you something.
• Look at when the app was published – how do you feel about using a brand new app or one that is used by few people? How does that fit with your tolerance for risk?
• Don’t hit the ‘install’ button too quickly. For Android apps, you will be presented with a list of ‘permissions” that the app developer is requesting for the app. If a lot of permissions are being asked for, take a minute to think, do you think that the app really needs all of this?

So while the use of a free app doesn’t cost you money, the app does want something in return- access to your personal information. App developers tend to make their money off of advertising services, which creates the illusion of the app being free to the user. What you need to think about when installing that app is how much of your privacy you are willing to trade for it.

If you want to take the guesswork out of identifying apps with risks and put you in control of your privacy, consider subscribing to a security service that contains app scanning technology that analyzes and reports on app behaviors such as Norton Mobile Security, or Norton Security - if you want to protect your PCs and Macs in addition to mobile devices.

This is part 7 of a series of blogs for National Cyber Security Awareness Month.

For more information on various topics, check out:

Week 1
5 Ways You Didn't Know You Could Get a Virus, Malware, or Your Social Account Hacked
How To Choose a Secure Password
How To Avoid Identity Theft Online
How To Protect Yourself From Phishing Scams
How To Protect Yourself From Cyberstalkers

Week 2
Mobile Scams: How-to Identify Them and Protect Yourself
BYOD And Protecting Your Mobile Workforce
Cyber Security Concerns and Smartphones

Week 3
Keeping Your Mobile Fitness Data Secure
Security Concerns and the Connected Car
The Connected Home- Just How Safe Is Convenience?

Week 4
Securing Employee Technology, Step by Step
Are Your Vendors Putting Your Company’s Data at Risk?
Four Mobile Threats that May Surprise You
Theft-Proof Your Mobile Data
Traveling? Don’t Let Your Mobile Data Stray

Week 5
How Do Cybercriminals Get Caught?