Perplexity’s Android App Is Infested With Security Flaws, Report Finds

Perplexity, an AI search startup led by CEO Aravind Srinivas, is in the spotlight due to significant security vulnerabilities found in its Android app. Despite offering attractive incentives like a $1 million giveaway to boost app installs, a report from security firm Appknox highlights risks such as data theft and account takeovers. These issues arise from 'hardcoded secrets' within the app's code, which could be exploited by attackers to clone the app and deceive users. As Perplexity seeks to expand its reach through partnerships with tech giants like Samsung and Motorola, these security concerns pose a critical challenge.
The revelations come at a pivotal time for Perplexity, which is reportedly in discussions to secure funding at an $18 billion valuation. The company, known for its AI-powered search capabilities using models from OpenAI, Anthropic, and Meta, has already amassed significant venture capital backing. However, the security flaws, coupled with allegations of plagiarism involving its Perplexity Pages feature, underscore the importance of robust application security in the AI industry. Experts like Appknox CEO Subho Halder recommend users uninstall the app until the vulnerabilities are addressed, emphasizing that the rapid pace of AI development must not compromise user safety.
RATING
The article provides a detailed and timely examination of the security vulnerabilities in Perplexity's Android app, supported by credible sources like Appknox and Bloomberg. It highlights significant issues that are pertinent to public interest, particularly in the context of AI safety and data security. However, the story could benefit from a more balanced perspective by including responses from Perplexity and exploring the company's positive aspects. While the technical content is generally clear and well-structured, additional simplification could enhance accessibility for non-technical readers. Overall, the article effectively raises awareness about the importance of security in AI applications, though its full impact is somewhat limited by the lack of direct company commentary.
RATING DETAILS
The story generally aligns well with the known facts about Perplexity's security issues as reported by credible sources like Appknox. The claims about security vulnerabilities, such as hardcoded secrets and task hijacking, are consistent with the detailed security reports available from Appknox. The article accurately describes the potential risks these vulnerabilities pose to users and the company. However, the story mentions a $1 million marketing campaign by CEO Aravind Srinivas, which lacks direct verification in the cited sources and may require further corroboration. Additionally, details about the company's partnerships and funding status are presented confidently but would benefit from additional sourcing or direct confirmation from involved parties.
The article predominantly focuses on the security vulnerabilities of Perplexity's app, which could skew the reader's perception towards viewing the app as primarily problematic. While it mentions the company's growth and funding success, it does not provide a balanced view of its positive aspects or user benefits beyond the security concerns. There is also a lack of perspectives from Perplexity itself, as the company did not respond to requests for comment, which could have provided a more rounded view.
The article is generally well-structured and uses clear language to explain complex technical issues, such as the security vulnerabilities in the Perplexity app. The narrative flows logically from one point to the next, making it accessible to readers without a technical background. However, some sections could benefit from further simplification or explanation, particularly the technical details about the app's vulnerabilities.
The article cites reputable sources like Appknox and Bloomberg, which lend credibility to its claims about security vulnerabilities and business developments. However, it relies heavily on these sources without diversifying to include more perspectives or independent verification. The lack of direct quotes or responses from Perplexity reduces the depth of source variety and could impact the perceived impartiality of the report.
The article provides a reasonable amount of context for the claims it makes, particularly regarding the security vulnerabilities. It cites specific reports and experts, which helps in understanding the basis of these claims. However, there is limited transparency regarding the methodology of how the vulnerabilities were discovered, and the absence of a response from Perplexity is not thoroughly explored or explained.
Sources
- https://www.appknox.com/blog/is-perplexity-ai-safe-uncovering-security-flaws
- https://www.threads.net/@official_cybernews/post/DIbi36-twha/security-flaws-in-the-perplexity-ai-app-can-steal-your-passwords-and-identityand
- https://twobirdsflyingpub.com/2025/04/17/major-security-flaws-in-perplexity-ai-put-user-data-at-risk/
- https://www.onsitecomputing.net/2025/04/11/11-bugs-found-perplexity-chatbots-android-app/