Don’t share your location on dating apps: Experts found users’ coordinates with scary accuracy

In the evolving landscape of online dating, particularly within the LGBTQ+ community, the integration of geolocation features has raised substantial privacy concerns.

While revolutionizing the way we find companionship, dating apps harbor significant privacy risks, especially with geolocation features. Thus, an investigation by Alexey Bukhteyev at Check Point Research on popular LGTBQ+ dating apps has unveiled a stark reality: users’ precise locations can be determined through trilateration, despite efforts to mask this data.

This vulnerability exposes users to potential threats, particularly in communities where privacy is not just a preference, but a matter of safety.

How can dating apps expose your location?

Dating apps frequently utilize location data to facilitate connections between users, promoting the convenience of proximity. However, this convenience comes at a cost. Bukhteyev’s research has demonstrated that through trilateration — a technique for calculating the exact position of a user by measuring distances from multiple points — it’s possible to circumvent the privacy measures implemented by these apps. Such methods can reveal a user’s location within a terrifyingly narrow margin, sometimes as precise as a few meters.

Bukhteyev experimented with two popular LGBTQ+ dating apps: Hornet and a second unnamed app. For his research, Bukhteyev strategically manipulated reference points and employed geometric calculations to refine the estimated location of a target user. In simple terms, using a digital game of hide-and-seek, and some clever math tricks, Bukhteyev was able to pinpoint a user’s location with scary accuracy.

While the research doesn’t make this too clear, Bukhteyev’s experiment represents the extremes of what malicious actors can do to find a user’s location — especially state and government actors, who’ve in the past used dating apps to find LGTBQ+ people in their country. Even though dating apps already have a huge predator problem, the average Tinder or Grindr user is not tech-savvy enough to replicate Bukhteyev’s research.

For users, however, it underscores the necessity of exercising caution with the permissions granted to applications, especially those that access geolocation data. Utilizing features that allow for the obfuscation of one’s location can provide a layer of protection against unwanted tracking.

On the other side, app developers must fortify their privacy safeguards. The LGBTQ+ community, in particular, deserves robust protection given the heightened risks they face in regions where their rights are not fully recognized. The discrepancy between the intended security of these apps and their actual vulnerability highlights a critical gap in user protection.