How secure are GeoLocation APIs on mobile devices?

Question

How secure are GeoLocation APIs on mobile devices?

How easy is it to hack or provide incorrect information to a website through the GeoLocation API?

I need users to submit their position to my server, but I need to make sure that the data is not tampered with. The exact point is not required, but I need to know that the user was at least near the place where they claimed to be.

As long as I protect my service from an arbitrary call (with user-provided parameters), can I trust lat / long given by GPS systems in modern smartphones accessed through my own applications? What about HTML5?

My question basically is that the built-in OS APIs are safe in the sense that (assuming non-root phones) the data returned from the API is correct? If not, is there any way to verify the data is at least reasonable?

+3

android security ios windows-phone-7 gis

Nate Jun 09 '11 at 20:36

source share

1 answer

fzwo · Accepted Answer · 2011-06-09T20:53:17+0000

Do you expect evil?

Like any client-based technology, you must trust the client. When using root / jailbroken phones, theoretically data can be manipulated over the telephone. If location services are disabled, you can get placeholder data (although you should get an indication that geolocation is disabled). As far as I know, there is no reliable way to determine if the iPhone has been hacked for an app app sn app, and even more so for a website.

, , , -jailbroken iPhone ; , , Android.

IP ( , , -).

How secure are GeoLocation APIs on mobile devices?

More articles: