'Pokemon GO' Update Fixes the 'Google Account Scope' Security Flaw
The company apologized this week and issued an app update.
After security researchers found that the immensely popular Pokémon GO game sought “full access permission for the user’s Google account,” its makers Niantic Labs, apologized, and on Tuesday released a new version of the app that shows it “fixed Google account scope.”
“Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google profile information, in line with the data that we actually access,” Niantic announced on Monday. “Google has verified that no other information has been received or accessed by Pokémon GO or Niantic. Google will soon reduce Pokémon GO’s permission to only the basic profile data that Pokémon GO needs, and users do not need to take any actions themselves.”
As of Tuesday, that change has been made for iOS users and it’s expected to arrive on Google Play soon.
Few mobile apps command attention when its developers release incremental software updates, but few apps are as big as Pokémon GO. Since its launch last week, the augmented reality app from Nintendo and Niantic has its first major update with the primary goal to stabilize the often glitchy and buggy game.
While it’s inevitable there will still be issues, this first update (version 1.0.1.) released mid-day Tuesday, solves another annoying glitch in which players are forcefully logged out and must re-sign in using Google or a Pokémon Trainer Club account. Another known issue was the stability (or lack thereof) of using a Pokémon Trainer Club account to log into the game.
The update does little difference to the game as millions of players (who are all friends now) have come to know well. This update is all under-the-hood stuff, but hopefully you’ll be less pissed now that the app won’t crash as much when you’re trying to catch a Squirtle.