Separately, a paper from the Worcester Polytechnic Institute and AT&T Labs research used a similar method of attack to discover 56 per cent of 100 popular websites leak visitors' personal data.
During our investigation, version 1.0 of the app vanished from Apple’s App Store (Apple did not comment) but a new version (1.1) has appeared with the description “bug fix”.
Happn acknowledged there was a flaw when approached by WIRED and said: “We are working on a solution where Happn would act as a proxy, preventing users from being able to identify other users' Facebook IDs in the future.”Once was shown to be gathering highly specific location data – in some instances a person's location was gathered to an accuracy of under one metre.
The company told WIRED it would evaluate whether it needed to collect close location data and remove this feature if it wasn't required.“We don't want to leave any stone unturned,” Jean Meyer, the CEO and founder of Once told WIRED.
It's supposed to only reveal a person's first name, but technical analysis of data packets showed it also leaks a person's Facebook ID.
Using this ID, it's possible to view a full profile page and identify the person.
Personal data entered on the app includes a person's religion, ethnicity, age, geo-location to within inches (based on the number of decimal places in the data packets), sexual preferences and more.