Experts Flag Security, Privacy Risks in DeepSeek AI App

Chinese artificial intelligence (AI) company DeepSeek’s new mobile apps have been among the top three most downloaded free apps for Apple and Google devices since their release on 25 January 2025.
However, there are concerns that the company’s use of hard-coded encryption keys and its transmission of unencrypted user and device data to Chinese companies introduce significant security and privacy risks.
The app has been widely downloaded despite warnings from mobile security company NowSecure, which conducted a study of the iOS app and found a number of security and privacy issues, with the firm ultimately recommending that organisations remove the app.
The potential privacy issues stem from the app’s collection of a significant amount of user data, including internet addresses and device information, and there are concerns about the potential for such data to be used to deanonymise users.
Furthermore, the app uses an insecure and now deprecated encryption algorithm – Triple DES – with a hard-coded encryption key, meaning the key can be extracted from the app itself.
Other security issues were also highlighted in the report, with the researcher stating that he believes there are likely to be more issues hidden within the app’s code.

Fast Feed