The Nokia Xpress browser, one of the more popular applications on Nokia’s Asha range, is facing security concerns over the encryption of sensitive data.
The stock browser for Nokia S40 devices, which is now also the new beta for Lumia devices, is leaving data accessible, according to security researchers.
The researchers say that the browser’s acceleration technology, which encrypts data before sending it to websites, is routing traffic via Nokia servers, meaning users’ private information can be accessed by company officials.
Nokia responded to the claims by assuring users that systems were in place to prevent abuse and that it did not collect data.
“Nokia has implemented appropriate organizational and technical measures to prevent access to private information”
Nokia is not the only browser using the data compression technology, which is also used by Opera and Amazon Silk. The browser decrypts and re-encrypts information users are trying to send to websites, such as banking passwords and credit card details, before sending it, giving users faster Internet speeds and lower cost.
This access has led to concerns over Nokia storing confidential data, something that the Opera FAQs explicitly say they will not do. Nokia has been forced to clarify its position on data storage.
“We take the privacy and security of our consumers and their data very seriously,” the statement read. “The compression that occurs within the Nokia Xpress Browser means that users can get faster web browsing and more value out of their data plans.”
“Importantly, the proxy servers do not store the content of web pages visited by our users or any information they enter into them.”
