If you allow third parties to read your Gmail emails



[ad_1]

Google assured that software development software can only access to personal personal couriers from ] Gmail when users gave their direct consent and that it only gives access to previously verified third-party applications.

The Mountain View Company sent a clarification explaining its policy of using API for developers, and recalled that their users " can review all the applications to which they gave access and revoke access if they wish "via the Security Review Suite Google .

Google ruled in this manner before the information published in an article in the newspaper The Wall Street Journal which ensured that the software external development companies had analyzed the inbox and even reviewed the contents of millions of personal emails to develop free applications.

The API of Google allow developers to use the Google accounts of users as an authentication factor and to determine the number of users. authorization for example.

In this regard, in the API use policy for developers, Google requires external companies to publish a privacy policy that fully documents the manner in which the application interacts with user data, the type of data requested and the purpose of the same.

The company prohibits the access, aggregation or analysis of user data from Google if the purpose is to Post to sell it or distribute it to a third party who carries out the surveillance. He also advises developers to request permission on relevant user information to implement new features or services.

The American society states that all applications having access to its API must show this policy. its users, who must give their consent to access their data, and that subsequent data management must comply with these policies.

In addition, the authentication system for OAuth applications, based on a whitelist, ensures that according to the data of Google

OAuth is a protocol that allows you to connect with the help of software that allows you to connect to third-party OAuth applications that have been reviewed and verified by your organization. an account of Google but also Facebook or PayPal, for example, without the application or service can access all user data, since it provides the information of the account to which the user accesses and on the basis of the granted permissions.

RL

    
  

[ad_2]
Source link