Pokemon Go not “a security risk”, can't read your email

Mere six days after its official release in some regions, Pokemon Go has become a mobile gaming phenomenon unlike anything we've seen in recent years. A couple of days ago, however, the overwhelming excitement toward Pokemon Go was muddled by security concerns, spurned by a blog post labeling the iOS version of the game “a huge security risk” with “full access to your Google account”.

The blog post, penned by former Tumbler Senior Engineering Manager Adam Reeve, made vague claims about what Mr. Reeve presumed the app was allowed access to:

"Let me be clear - Pokemon Go and Niantic can now:

• Read all your email
• Send email as you
• Access all your Google drive documents (including deleting them)
• Look at your search history and your Maps navigation history
• Access any private photos you may store in Google Photos
• And a whole lot more”

Although Pokemon Go does indeed request “full account access” from some iOS users, that does not mean the app has permissions to perform any of the aforementioned actions.

Speaking to Gizmodo, Reeve has retracted his statements, clarifying that, in fact, he was not “100 percent sure” what he described in his blog post was true. Reeve also says that Google tech support has got in touch with him explaining that “full account access” does not mean a third party app can access your private files, send email as you, or perform any of the other activities claimed by him in the post.

Having said this, Niantic has nonetheless acknowledged that Pokemon Go requests more permissions than it actually needs, emphasizing that only basic user information was accessed, and that an update fixing this will be pushed shortly by Google: