Binance to Remove In-App Audio Recording Feature in Next Update

Top cryptocurrency exchange Binance has reviewed its Android app code following spyware concerns
Top cryptocurrency exchange Binance has reviewed its Android app code following spyware concerns

Binance will remove the ability to record audio from its Android app in the upcoming update scheduled for “mid-July”, cryptocurrency exchange CEO Changpeng Zhao, also known as CZ,  told Cointelegraph. 

Binance App will allegedly drop the microphone permission

The company’s privacy-oriented move follows spyware concerns raised by crypto community members last week. Specifically, user @ShitcoinSherpa tweeted certificate issuer screenshots, showing that the permissions asked by Binance in its Android app include access to the camera and the ability to record audio. 

At the time, Binance’s chief security officer told Cointelegraph that “the camera is used during the KYC process,” stressing that “the code developed in house within the Binance app definitely does not use the microphone."

Now, CZ stated that the Binance team has “worked on removing the requirement for the audio recording permission.” He told Cointelegraph:

“Our next version of the Binance app scheduled for release in mid-July, we will remove the audio recording permission. We keep other permissions required to a minimum, for our users’ peace of mind.”

The updated list of permissions looks more privacy-focused overall

Additionally, CZ shared the list of permissions that are required for KYC procedures and therefore will be featured in the latest Android app version: 

“android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CAMERA

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.VIBRATE”

When cross-referenced with @ShitcoinSherpa’s certificate issuer’s screenshots, the updated list also excludes a number of permissions that allow the app to get information about the running tasks, access precise location, or check the status of ongoing calls, among other things. 

Binance does not sell user data “of any kind,” CZ says

Zhao stressed that Binance does not rely on advertising or selling user data “of any kind, such as packaging KYC data together with blockchain analytics.” He also noted the potential danger of using apps with access to user's clipboard data:

“The thought of looking at the users’ clipboard data scares us. We view that as a major security concern for our users. Many of our users may use a crypto wallet of some kind. They may have a copy of their seed or private key in their clipboard at some time. Any App collecting this data could steal the users’ funds and should be classified as a trojan horse or virus. We don’t want to go anywhere near that.”

When asked what exactly prompted the exchange to review the app’s code, be it the TikTok security risks that CZ addressed on Twitter yesterday or the above-mentioned findings, the CEO said:

“Keeping our users’ funds #SAFU is always a top priority for us. So as soon as there is chatter about this, we immediately looked into our own app to make sure such concerns are non-existent in our Apps.”