You don’t have to worry about Pokémon Go reading your email because, of course, the app never really could access that data. But developer Niantic has updated the game on iOS to ensure that it is clear it is only asking for the data it needs.
Niantic just pushed out an update for Pokémon Go on the iOS App Store that includes a number of stability improvements and bug fixes, but it also reduces the scope of the access the game has to your personal Google account. Yesterday, several stories reported that Pokémon Go was a security risk because it was getting “full access to your Google account.” The truth, according to Niantic (and confirmed by security expert Ari Rubinstein), is that the app never really had access to more information than it needed, and it never read anyone’s email. But that did not stop a wave of players from expressing concerns, and the developer has acted swiftly to address those fears. That’s crucial because the game has rushed to the top of the grossing charts in the $36.9 billion mobile gaming industry, and the developer doesn’t want to appear as a risk and potentially lose that revenue.
Yesterday, Niantic provided a statement to the media that assured everyone it was working on a fix.
“We recently discovered that the Pokémon Go account creation process on iOS erroneously requests full access permission for the user’s Google account,” reads the official comment. “However, Pokémon Go only accesses basic Google profile information — specifically, your User ID and email address — and no other Google account information is or has been accessed or collected.”
The update should now ensure that the app says it is only asking for the data that it is actually taking.
Here’s a list of the other updates to the iOS app, which are primarily bug fixes:
- Trainers do not have to repeatedly enter their login information after getting disconnected.
- Improved the Pokémon Trainer Club account log-in process.
- Resolved problems that were causing crashes.
The Android version of Pokémon Go has still not seen an update mostly because it did not have an issue with the level of permissions it asks for on that operating system.