Allot EndpointSecure (the “App”) is an enforcement application for the consumer market. It’s built upon an SDK and a filtering engine provided by Bitdefender. The policies to be enforced are defined by the user from the Allot Secure backend and these are pushed to the App for enforcement. The App also uploads reporting data on protection provided back to the Allot Secure backend, allowing the user to produce reports. Categorization of websites to allow filtering based on policy assigned is done on-the-fly by launching a request to Cloud-based Bitdefender categorization servers.
It hereby clarified that the App is a demo prerelease application, to be used for testing purposes only, and may not perform at the level of performance or compatibility of a final, generally available product offering. As such the App is provided “AS IS” with all faults and errors and all other warranties , whether expressed or implied are hereby disclaimed.
How the App uses certain permissions in the Android device:
The App does the following functions:
- It communicates to the Allot Secure backend to receive configuration and to upload reporting data. Additionally, it communicates with Bitdefender categorization servers for website classification purposes and classification of apps.
- It retrieves the device MAC address used for the App registration purposes in the Allot Secure backend and to detect whether the network connection is available.
- It gets the location coordinates when requested from the Allot Secure backend by the user even if the App is in background or foreground state. Location retrieval is one of the functionalities of the App.
- It stores the information about the installed applications into a temporary data file in case the number of apps is too large for the available memory.
- Uses Android permissions required on Android 4.0 and higher if the App uses scanning of the external storage.
- It accesses the WiFi adapter MAC address if the device is not a phone and does not have the IMEI. This MAC address will be used during the license verification”
- Uses Android permissions required to delete the infected URLs from the browser history so the user doesn’t get to the infected url when using the “back” button in the browser.
- Uses Android permissions required when the user wants to uninstall infected apps detected by the App.
- Uses Android permissions required to initiate the App services and components after the device is restarted.
- Uses Android permissions required to keep protection services provided by the App up and running.
- Uses Android permissions required to allow the App to start foreground the protection services used.
What user information is sending the App:
The following data sent to the Allot Secure backend allowing the App user to push protection policies, utilize the App functionalities and produce reports based on activity and protection provided:
- MAC address as part of the registration process in the backend. This information is discarded afterwards and not stored.
- Blocked websites, including category, date and time, to provide the user reporting data.
- Malicious apps identified, either after installation or as part of scan results, to allow the user to see them from the management portal.
- Date and time of last scan for malicious apps run on the device together with results.
- Apps installed on the device to provide the App blocking functionality.
- Coordinates of the device and location data when requested by the user. Only last known location data is stored.
- Device name to allow the user to identify it from the management portal
- Randomized device ID, used to uniquely identify the device in the backend.
The App might send the following information to Cloud-based Bitdefender categorization servers to ensure the service works as designed and provides the expected functionality:
- Technical data: ex: file hashes, file attributes, file size, detection names, technical information about the detection, scan engines version, flags extracted from the file, etc;
- Identifiers that cannot be linked with the actual client (GmID, x-nimbus-uuid, x-nimbus-clientid);
- IP address of the client;
- Accessed URLs, http user_agents, http method, content-type, content-length, http status_code, referer, file path of the web client, the ip that was resolved for the host being accessed by the client, and the port.
- File paths
- Command lines
- Process names
- Digital signature data, of a client’s file (ex: signature issuer, signature hashes)
- Files submitted by clients
- Information about client devices (id, model, type, OS – IOT-related)
- Vendor of the network card;
- MAC addresses
- Other telemetry, not linked with a specific client
While Bitdefender stores the IP address and MAC address of the device, please note these items are stored separately and are not correlated between them nor the rest of the data. Based on that, it is not possible to ascertain the behavior or browsing habits of a particular user from the data stored.
Analytics and Crashlytics:
The App allows the user to enable analytics and crashlytics. Both are set to off by default and must be explicitly enabled by the user. If enabled, the following information might be gathered:
Analytics:
It can be potentially used to enhance the user experience of the App.
- https://support.google.com/firebase/answer/9234069?visit_id=637456119108207716-420297778&rd=1
- https://support.google.com/firebase/answer/9268042?visit_id=637456119108207716-420297778&rd=1
Details are sent to the Firebase portal owned by the publisher of the app.
Crashlytics:
It can be used to identify and troubleshoot app crashes. The crash report, including the crash details, are sent to the Play Store account owned by the published of the app.
Further details of Allots’ general privacy policy may be found at:
https://www.allot.com/privacy-policy/