A new app called Neon Mobile shot up on Apple\u2019s US App Store charts last week, briefly ranking as the second most popular free app in the social networking category, according to Appfigures data cited by TechCrunch. The app promised to pay people for recording their phone calls and then sold the audio to AI companies for training purposes.<\/p>\n
The company claimed users could earn \u201chundreds or even thousands of dollars per year\u201d by making calls through the app. Neon said it paid 30 cents per minute for calls between two users and up to $30 a day for other calls. Referral bonuses were also part of the pitch.<\/p>\n
\u201cPhone companies profit off your data. Now, you can too,\u201d read a message on Neon\u2019s website<\/a>.<\/p>\n To get paid, users had to agree to Neon\u2019s terms of service, which granted the company a sweeping license to their recordings.<\/p>\n TechCrunch highlighted the policy, which grants Neon a \u201cworldwide, exclusive, irrevocable, transferable, royalty-free, fully paid right and license (with the right to sublicense through multiple tiers) to sell, use, host, store, transfer, publicly display, publicly perform (including by means of a digital audio transmission), communicate to the public, reproduce, modify for the purpose of formatting for display, create derivative works \u2026 and distribute your Recordings.\u201d<\/p>\n Legal experts told TechCrunch<\/a> that recording only one side of the conversation may have been a way to avoid violating wiretap laws in states requiring two-party consent. However, privacy lawyers also raised concerns that anonymized voice recordings could still be misused for fraud or impersonation purposes.<\/p>\n The app\u2019s viral success was short-lived. On Thursday, TechCrunch discovered a security flaw that let any logged-in user access other people\u2019s phone numbers, call recordings, and transcripts. During its test, the publication found that Neon\u2019s servers produced \u201cdata about the most recent calls made by the app\u2019s users, as well as providing public web links to their raw audio files and the transcript text of what was said on the call.\u201d<\/p>\n After being alerted, Neon\u2019s founder, Alex Kiam, shut down the app\u2019s servers. In an email to users, Kiam wrote: \u201cYour data privacy is our number one priority, and we want to make sure it is fully secure even during this period of rapid growth. Because of this, we are temporarily taking the app down to add extra layers of security,\u201d per TechCrunch.\u00a0<\/p>\n Notably, the email did not mention the specific flaw that had exposed users\u2019 sensitive data.\u00a0<\/p>\n Kiam later told Business Insider<\/a> the app will remain offline until a security audit is complete and new protections are added. He also admitted the app\u2019s growth was faster than expected: \u201cHonestly, I did not expect this to grow this fast. I did expect us to reach this level and beyond, but I certainly didn\u2019t expect everything to be this fast.\u201d<\/p>\n Meanwhile, Neon remains available for download in the App Store, but without functioning servers, it\u2019s effectively unusable. Whether it makes a comeback and whether Apple or Google weighs in on its compliance remains unclear.<\/p>\n Unusual data activity also occurred last month, when <\/strong>Meta\u2019s contractors<\/strong><\/a> were found to have viewed explicit photos and personal data from AI chatbot users.<\/strong><\/p>\n The post Neon Pays Users to Record Calls, Goes Dark After Security Flaw<\/a> appeared first on eWEEK<\/a>.<\/p>","protected":false},"excerpt":{"rendered":" A new app called Neon Mobile shot up on Apple\u2019s US App Store charts last week, briefly ranking as the second most popular free app in the social networking category, according to Appfigures data cited by TechCrunch. The app promised to pay people for recording their phone calls and then sold the audio to AI […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-5108","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5108"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5108"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5108\/revisions"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5108"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5108"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5108"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}The privacy trade-off<\/h2>\n
Security breach brings it down<\/h2>\n