Pokemon Go Has Full Access to Your Google Account, Here's How to Fix It

Advertisement
By Rishi Alwani | Updated: 12 July 2016 11:33 IST
Highlights
  • A massive security risk has been discovered in Pokemon Go
  • The game can view your emails and private photos.
  • This seems to impact mainly iOS users.

While Pokemon Go might just be available in three countries for now, that hasn't stopped fans the world over from obtaining the game for Android via sideloading or iOS by creating and using an iTunes account for Australia, New Zealand, or the US. It seems that those playing Pokemon Go have been subject to a glaring security violation. The game has full access to your Google account. Well, at least on iOS.

(Also see: Pokemon Go Tips and Tricks)

This was discovered by Adam Reeve, Principal Architect at RedOwl Analytics. He took to Tumblr to share his findings:

Advertisement

"Let me be clear - Pokemon Go and Niantic can now:
• Read all your email
• Send email as you
• Access all your Google drive documents (including deleting them)
• Look at your search history and your Maps navigation history
• Access any private photos you may store in Google Photos
• And a whole lot more"

And this isn't all. According to Reeve, since the game uses email as an authentication mechanism, he believes there's "a pretty good chance of gaining access to your accounts on other sites too."

(Also see: Pokemon Go Is Responsible for These Real Life Weird and Scary Things)

There is no need for this either. Usually when a developer allows users to sign in via Google, the level of access is specified. More often than not this is simply contact information.

Advertisement

Reeves later tweeted that "it seems to affect some iOS users, not all. No idea what the criteria are yet."

(Also see: Playing Pokemon Go in India? Here's Everything You Need to Know)

We've checked this with the Google account used on our iPhone 5S and yes, Pokemon Go did grant itself complete access to our account. This was not the case with our Android build of the game, although at the time of posting this, just one user has reported that it does impact the Android version as well. Reeves believes that on "Android it's using client permissions to get data, whilst on iOS it's using the Google account."

Advertisement

Nonetheless, if you're not keen on letting Niantic have complete access to your account, deleting the game isn't enough. Here's what you need to do to fix this:

Advertisement
  1. Log in to your Google account.
  2. View the app permissions available here.
  3. Revoke access to the game by clicking it.

Right now, Niantic and The Pokemon Company have maintained silence on this. Keep in mind that if you ever decide to risk playing Pokemon Go again, you'll need to grant it access to a Google account. The game does have an option to let you sign in using a Pokemon.com account but since the game's launch the sign up section of the site has been unavailable. Hopefully this corrects itself in days to come what with Niantic and The Pokemon Company planning a global launch for the game soon enough.

Update, July 12, 2016: Niantic has issued the following statement:

"We recently discovered that the Pokémon GO account creation process on iOS erroneously requests full access permission for the user's Google account. However, Pokémon GO only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected.

Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google profile information, in line with the data that we actually access. Google has verified that no other information has been received or accessed by Pokémon GO or Niantic. Google will soon reduce Pokémon GO's permission to only the basic profile data that Pokémon GO needs, and users do not need to take any actions themselves."

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Everything We Know About the Nothing Phone 4b
  2. Moto G77 Power Listing Confirms Key Specifications Before July 8 Debut
  3. Vivo Y500 4G Makes Global Debut With an 8,100mAh Battery: See Price
  4. Samsung Galaxy Z Fold 8 Series, Galaxy Flip 8 Price Leaked Ahead of Debut
  5. Xiaomi 18 Pro Max Prototype Leaked With Dual 200MP Cameras, 100W Charging
  1. Vivo Y500 4G Launched With 8,100mAh Battery, 50-Megapixel Rear Camera: Price, Specifications
  2. Moto G77 Power Listed on Company's Website With Key Specifications Before July 8 Debut
  3. Samsung Galaxy Z Fold 8, Galaxy Fold 8 Ultra, Galaxy Flip 8, Watch 9 Prices Leaked Online Ahead of Launch
  4. Xiaomi 18 Pro Max Camera, Display, Battery Details Tipped; May Get 8,500mAh Battery, 200-Megapixel Cameras
  5. iPhone 18, iPhone 18e Tipped to Get 9GB RAM Upgrade for Apple Intelligence; Pro Models May Stick With 12GB
  6. Amazon Prime Day 2026 Laptop Deals: Best Discounts on HP, Asus, Lenovo, Dell, Acer Models
  7. Best Camera Phones Under Rs. 30,000 for Content Creators in India: Motorola Edge 70 Fusion, Galaxy F56, More
  8. Boat Stone 900 Launched in India With Up to 80W Sound Output, Up to 15 Hours Audio Playback: Price, Features
  9. Cyberpunk 2077 Has Sold 40 Million Copies, CD Projekt Red Confirms
  10. Nothing Phone 1 Receives Final Software Update With Latest Security Patches, Bug Fixes and Improvements
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.