Risks Associated With Popular Face-Changing App WOMBO

Face-changing apps have spread across social media like wildfire in recent years. While these apps can be fun, using them may bring drawbacks regarding your privacy and security.

Many face apps are available for you to try out in the app store. In this article, we examine WOMBO, the AI-powered lip-sync video app used by millions of people worldwide.

What data does WOMBO collect on its users?

WOMBO is an image-manipulation mobile app that lets users create a lip-sync video of themselves. The app uses artificial intelligence to transform any picture of a face into an amusing singing video.

According to the app’s privacy policy, WOMBO collects information on you when you use the service, including “facial feature data” and information about the way “you interact and spend time on the application” (technical or log data). The facial feature data is only stored “for the purpose of creating the photo animation and deleted immediately after.”

This data is “temporarily” relayed onto Amazon Web Services (AWS) to “enable photo animation capabilities” as well as the apps’ behavioral analytics platform for product intelligence, known as Amplitude.

However, the app also uses third-party services that may collect information on users. While these third parties are not specified in their privacy policy, some mentions are in the apps’ terms of service guide, found here.

These include the App or Play Store (handling the billing information if you chose an ad-free version of the app) and third-party websites or services you visit or interact with when using the app.

In this sense, the platform highlights that any information shared with third parties falls out of the app developers’ control.

“These platforms, websites and online services follow different rules regarding the collection, use and sharing of your personal information,” WOMBO states. So, it’s up to the user to do find out more about what and how their data is collected, processed and stored.

The “anonymous, aggregated or de-identified” or log data “will be stored as long as necessary” to fulfill the purposes of the app. This includes information on your device such as IP addresses, device name, operating system version, the app’s configuration, time and date of usage and other statistics.

What are the security risks?

Like any other application you install on your mobile device, face-changing apps gather and use your data in various ways.

The data gathered data varies by app developer, so it’s very important for users to go through each privacy policy before installing and using a new app. Moreover, updates or changes impacting the collection and use of data can take place at any time, so it’s critical for users to periodically review apps’ privacy policies.

The main security risk lies in the fact that the app sends the pictures to AWS for processing and additional information to its analytical platform — data that could end up stolen in the event of a cyberattack.

Additionally, you need to keep in mind that popular apps can also be imitated by malicious knock-offs. Never download apps from unknown sources or fall for a ‘cracked’ version of the premium that won’t show you ads. Steer clear of videos advertising such versions of the app and keep the service updated at all times.

Bitdefender Mobile Security gives your iPhone or Android device full protection against mobile-specific threats, plus a secure VPN for a fast, anonymous and safe experience while surfing the web. It helps you secure your passwords, private data and financial information, and offers instant alerts whenever an incident is detected and prevented.