On the Unicity of Smartphone Applications
This highlights a privacy risk for smartphone users, as app lists can be used for tracking, but it is incremental as it builds on prior work about app semantics and user traits.
The study tackled the re-identifiability issue by analyzing smartphone app unicity on a dataset of 54,893 Android users, finding that any 4 apps are sufficient for user re-identification over 95% of the time and that the complete app list is unique for 99% of users.
Prior works have shown that the list of apps installed by a user reveal a lot about user interests and behavior. These works rely on the semantics of the installed apps and show that various user traits could be learnt automatically using off-the-shelf machine-learning techniques. In this work, we focus on the re-identifiability issue and thoroughly study the unicity of smartphone apps on a dataset containing 54,893 Android users collected over a period of 7 months. Our study finds that any 4 apps installed by a user are enough (more than 95% times) for the re-identification of the user in our dataset. As the complete list of installed apps is unique for 99% of the users in our dataset, it can be easily used to track/profile the users by a service such as Twitter that has access to the whole list of installed apps of users. As our analyzed dataset is small as compared to the total population of Android users, we also study how unicity would vary with larger datasets. This work emphasizes the need of better privacy guards against collection, use and release of the list of installed apps.