Car & Bike App Developers | Help required JK Tyres TPMS app

honest1

Herald
App developers and enthusiasts,

I am currently using a Tire Pressure Monitoring System (TPMS) service by JK Tyre, which requires a companion app to function. However, I've encountered a significant issue with this app and I am super unhappy with it. It mandates access to my precise background location to operate and despite not actively using the app, it continues to track my location every few minutes, which raises concerns about privacy and data security.

I've been in communication with the developer regarding this matter, but their responses have been vague and unhelpful. They haven't provided a satisfactory explanation for why the app needs constant location access or how they are handling this sensitive information.

Given these circumstances, I'm seeking advice on how to ensure that the developer does not misuse the location permission. What steps can I take to safeguard my privacy while still being able to use the essential features of the TPMS service? Are there any best practices or tools available to monitor and control app permissions more effectively?

Your insights and suggestions would be greatly appreciated.


1721388574837.png
1721388594059.png
 
No app dev can help you. As stated in the reply it was Google's decision to bunch Bluetooth permission under Precise Location category, since Android 8 IIRC

The root cause is Google Location Services which can correlate GPS position to WiFi/Bluetooth devices. For eg:

  • You're at home, connected to your wifi
  • You turn on GPS for a food app to fetch your location
  • So now Google knows your exact location + your router's MAC address.
  • Now suppose i happen to visit your neighbour's house, where your wifi is in range
  • Even if my GPS is off, Google still knows where i am because I'm in range of your WiFi, so the accuracy is maybe 10 metres

Same thing with Bluetooth, like on desktops, which are fixed. If I'm in range of a Bluetooth device like TV, Google (and hence the app) immediately knows where you are in the world.

The moment you created your Google account and started using Android, you kissed your privacy goodbye.

If you are paranoid security conscious, you should use non cloud connected devices everywhere. TPMS has no business connecting to your phone or requiring an online account to function; definitely not your vehicle number. It's just a way for companies to harvest your data. You should have gone for a stand alone model instead.

If your device is rooted, try blocking the app in your firewall - that will ensure it can send any personal data to the cloud. Assuming the app works without internet connection

Never forget : you are not a consumer, you are the product.

----

Sidenote: The best way of course is to set air pressure regularly (say every week), when you go to get fuel at a nearby (<1km) petrol bunk. Unlike cars it's way easier to tell when pressure is too low on a bike.
 
Last edited:
Thanks for your detailed reply!
I am not paranoid about privacy aspect and I know that if I am on internet, its not easy to have privacy.

My main question is whether the app developer is knowingly tracking the location or that is not their fault!

I believe with Android 14+, nearby device permission doesnt need location services separately.
 
The current Android version (14) grants granular location access permissions that should allow you to only grant the location access permission to the app while you are using it.
 
My main question is whether the app developer is knowingly tracking the location or that is not their fault!
They may or may not be harvesting data. No way to tell without inspecting what data it is sharing with the server.

The current Android version (14) grants granular location access permissions that should allow you to only grant the location access permission to the app while you are using it.
Leave it to Android to remove old features and them to newer versions as new features.