Kaspersky Internet Security for Android

About data provision

You can view information about the data provided to AO Kaspersky Lab by previous versions of the application:

• Kaspersky Internet Security 11.20.4.XXXX
• Kaspersky Internet Security 11.19.4.XXXX
• Kaspersky Internet Security 11.18.4.XXXX
• Kaspersky Internet Security 11.17.4.XXXX

To comply with legislation, you agree to automatically provide the following information:

• App ID
• App version
• Device ID
• IP-address
• Installation ID
• Agreement ID
• Agreement version
• User verdict
• Verdict time
• A statement identifier
• A statement version's identifier
• Flag indicating whether the statement was approved or declined
• Time when the statement was approved or declined

For the purpose of improving the quality of the app and analyzing user satisfaction, you agree to automatically provide the following information:

• User's review
• Rating
• Device operating system
• Version of the device operating system
• Version of the device firmware
• Device model
• App version
• Device locale
• Amount of free space in the device memory
• Amount of free RAM on the device
• App license mode
• Status of the Anti-Theft feature
• Status of the Internet Protection feature

To improve operational protection, you agree to automatically provide the following information:

• App name
• App version
• Device locale
• License status
• Device operating system
• Redirect link type

To remotely manage your acquired licenses and the protection of your Computer via the My Kaspersky website, you agree to automatically provide the following information:

• User’s email address
• User’s password
• Authorization context
• Captcha identifier
• Captcha type
• User’s reply to captcha
• Locale
• One-time security code for two-step verification
• Unique user identifier on My Kaspersky
• Unique device identifier on the My Kaspersky portal
• Unique temporary device identifier on the My Kaspersky portal
• Account type (user or admin)
• Region
• Flag indicating whether the user agrees to provide his / her e-mail address to receive personalized marketing offers
• Personal data – first name and last name (optional)
• Sale channel
• One-time password to connect the application automatically
• Activation code
• Application ID on My Kaspersky
• Application ID
• Application version
• Application locale
• General information about the user's device: unique device identifier on My Kaspersky, device’s network name, device type, operating system type, operating system version
• General information about licenses used in the application: license type, current license status, service information about license, activation error, license expiration date and time, feature array
• Device token type
• Service ID
• Unique ID of user-device binding on My Kaspersky
• Flag indicating whether anti-virus protection is turned on
• Flag indicating whether anti-virus databases are up-to-date
• Flag indicating whether the device is blocked
• Flag indicating whether Privacy Protection is turned on
• Flag indicating whether Internet Protection is turned on
• Anti-Theft status:
  • Flag indicating whether the Locate command can be performed on the device
  • Flag indicating whether the Mugshot command can be performed on the device
  • Flag indicating whether the Wipe Data command can be performed on the device
• Flag indicating whether a SIM card is installed on the device and data can be transmitted via the SIM card
• Type of Anti-Theft command
• Command ID
• Command status
• Command execution result:
  • Error code if the command was not executed
  • Device coordinates if the Locate command was successfully executed

To use the core functionality of the Software, you agree to automatically provide the following information:

• Product version
• Device ID
• Installation ID
• Product type
• Name of the detected object (file)
• MD5 hash sum of the detected object (APK file)
• URL, which refers to the requested information
• URL protocol
• Port number
• URL address of the page with personal data removed
• Name of the detected object according to the Kaspersky Lab classification
• Identifier of the anti-virus database record on which the verdict is based
• Database release time
• Application package name
• Name of store from which the application was downloaded
• Public key used to sign the APK file
• Hash sum of certificate used to sign the APK file
• Application ID
• Active license ID
• Unique identifier of the application installation
• Unique identifier of the update task launch
• Full application version
• Serial number of current license
• Current license ticket ID
• Unique build ID from PPCS service
• Product group
• Product version
• Locale
• Partner name
• Current license type
• Current license status
• Key lifetime
• Number of days left before the key expires
• Number of days since the key installation date
• Number of days since the license expired
• Flag indicating whether the KSN Statement was accepted
• Production product version
• MD5 hash sum of the DEX file of the installed application
• MD5 hash sum of the APK file of the installed application
• Flag indicating whether the application is in the system catalog
• Flag indicating whether the application has Device Administrator rights
• Flag indicating whether the application is a default SMS messenger
• Flag indicating whether the application uses accessibility services
• Permissions granted dynamically to the application
• Name of the APK file that is being installed
• Path to the APK file that is being installed
• Package name (or bundle name) from AndroidManifest.xml
• Application version
• Application version from AndroidManifest.xml
• MD5 hash sum of the DEX file of the installed application
• MD5 hash sum of the APK file of the installed application
• Serial number of the certificate that was used to sign the APK file
• Issuer of the certificate that was used to sign the APK file
• Public key used to sign the APK file
• Hash sum of the certificate used to sign the APK file
• Date when the file was signed
• Date when the certificate was issued
• Date when the certificate expires
• Application verdict status
• Method used to get the application verdict
• SHA-256 hash sum of the device (MAC + My Kaspersky user ID)
• Device name
• Device type
• Device manufacturer
• Operating system
• Detection technology
• Detection technology version
• Website URL
• Website IP address
• Website certificate hash sum
• Certificate type
• Certificate contents

To ensure the uninterrupted operation of the Software, you agree to automatically provide the following information to Crashlytics:

• Application crash identifier
• Timestamps of when the user launched the application and when the crash occurred
• Bundle identifier and full version number of the application
• Operating system name and version
• Flag indicating whether the device is rooted
• Device model name, CPU architecture, amount of RAM and disk space
• Plain-text class name and message of the exception
• Flag indicating whether the app was in the background when it crashed
• Integer value indicating the screen rotation at the time of the crash
• Battery level, battery discharge rate, amount of RAM used, and amount of disk space currently used
• Android ID and the Android Advertising ID

  Information about how data is processed in Crashlytics is published at: https://try.crashlytics.com/terms/.

In order to identify new and challenging data security threats and their sources, as well as threats of intrusion, and to take prompt measures to increase the protection of the data stored and processed by the user with a computer, you agree to automatically provide the following information to the Kaspersky Security Network cloud service:

• Information about suspicious files:
  • File or part of a file
  • Service information (constant, version, and service name)
• Information about device firmware:
  • Operating system
  • Device model
  • Build ID for displaying to the user
  • Firmware fingerprint
  • Firmware identifier
  • Product/hardware manufacturer
  • Full product name
  • Build type, for example, "user" or "eng"
  • Current development codename or the string "REL" for production builds
  • Incremental number of the build
  • Flag indicating whether the device is rooted
  • Whether installation of apps from outside of Google Play is allowed
  • Status of the cloud service for verification of Google apps
  • Status of the cloud service for verification of Google apps being installed through ADB
  • License type
• Information about the detected object:
  • MD5 hash sum of the detected object
  • Size of the detected object
  • Name of the detected object according to the Kaspersky Lab classification
  • Flag indicating the verdict status
  • Name of the detected object (file)
  • Full path to the detected file
  • Path template code
  • Identifier of the anti-virus database record on which the verdict is based
  • Database release time
  • Record type, the identifier of the anti-virus database that a record belongs to
  • Date and time of the last anti-virus database update on the user’s device
  • Information about whether the detected file is a portable executable (PE) file
  • File type code
  • File type identifier
  • SHA2-256 hash sum of the detected object
• Information about opening the phishing URL:
  • Operating system version
  • Operating system service pack version
  • Version of the statistics package
  • URL, which refers to the detected object
  • MD5 hash sum of the executable file that requested the URL
  • Size of the executable file that requested the URL
  • Name of the executable file that requested the URL
  • HTTP referrer data
  • IP address of the server with which a connection was established
• Information for identifying new web threats and analyzing false positive detects:
  • Operating system version
  • URL address of the page on which malicious or suspicious content, or a malicious or suspicious object was detected
  • IPv4 address of the blocked object
  • Version of the statistics package
  • Name of the detected object according to the Kaspersky Lab classification
  • Name of the executable file that downloaded the detected object
  • Size of the executable file that downloaded the detected object
  • MD5 hash sum of the executable file that downloaded the detected object
  • Identifier of the anti-virus database record on which the verdict is based
  • Database release time
  • Identifier of the anti-virus database that a record belongs to
  • Release date and time of the anti-virus database on the user’s device
• Information about Wi-Fi networks:
  • Wi-Fi network SSID
  • SHA256 hash sum of the MAC address (BSSID) of the Wi-Fi access point
  • MD5 hash sum of the MAC address (BSSID) of the Wi-Fi access point
  • Flag indicating whether the device is plugged in
  • Flag indicating whether a DNS name is available
  • Device type
  • Product version
  • Product identifier
  • Hash sum of the UID and BSSID
  • Hash sum of the UID and SSID
  • Hash sum of the UID, BSSID, and SSID
  • List of available Wi-Fi access points
  • Resulting security category of the network in the product
  • Resulting publicity category of the network in the product
  • DHCP settings
  • Signal level
  • Hash sum of the local IPv4 address
  • Hash sum of the local IPv6 address
  • Local time when the connection was started
  • Local time when the connection was interrupted
  • Connection types supported by the access point
  • The set of authentication protocols supported by this configuration
  • The set of group ciphers supported by this configuration
  • The set of key management protocols supported by this configuration
  • The set of pairwise ciphers for WPA supported by this configuration
  • The set of security protocols supported by this configuration
  • Authentication protocol used for the WPA-EAP connection
  • Internal authentication protocol
• Information about the quality of KSN services:
  • KSN service identifier
  • Statistics for successful packets
  • Statistics for unsuccessful packets
  • Statistics for packet time
  • Statistics for packet number
  • Number of connections from cache
  • Number of successful connections
  • Number of unsuccessful connections
  • Number of successful transactions
  • Number of unsuccessful transactions
  • Time distribution of successful connections
  • Time distribution of unsuccessful connections
  • Time distribution of successful transactions
  • Time distribution of unsuccessful transactions
  • Service request identifier
  • Number of service requests
  • Number of service requests from cache
  • Number of requests canceled because of network problems
  • Number of requests canceled because of inactive service
  • Number of requests canceled because of an invalid path
  • Time distribution of successful requests
  • Time distribution of canceled requests
  • Time distribution of requests that timed out
  • Time histogram

When participating in KSN, the User agrees to provide the following information for all purposes mentioned above:

• Unique software installation identifier
• Full version of the installed software
• Type of the installed software
• Unique identifier of the computer
• Unique user identifier on My Kaspersky

For the purposes of allowing the Rightholder to create effective marketing and informational materials, you agree to automatically provide the following information:

• Product version
• Device ID
• Installation ID
• Product type
• Activation code
• String with the following information about the User of the activation code: unique User ID on My Kaspersky activation code, type of license ownership (owner or subaccount), My Kaspersky infrastructure signature
• Application locale
• Global application identifier(s) that indicate application type
• Global product identifier
• Application version
• Installation ID
• Unique device identifier
• Current local date and time on User’s device
• Previous activation code
• Operating system type
• Operating system version
• Product identifier in internal PPCS system
• Service identifier
• Device platform (Android)
• Unique device identifier on the My Kaspersky portal
• A list of applications (application identifiers) compatible with the current application
• License identifiers
• IMEI
• Mobile carrier code
• Mobile device model
• Date of overlap
• Overlapping application information: application package name, .apk file name, path to .apk file without file name, classes.dex file md5 hash, .apk file md5 hash
• Overlapped application information: application package name (for the overlapped application: if the advertisement is shown on an empty desktop, the value should be "launcher"), .apk file name, path to .apk file without file name, classes.dex file md5 hash, .apk file md5 hash
• Width of the overlapping view
• Height of the overlapping view
• Width of the device screen
• Height of the device screen
• Unique User ID in Rightholder’s systems
• Type of license used
• License validity period
• Order number when purchasing the license
• Order price ID when purchasing the license
• Full name of the partner from whom the license was purchased
• Order number used by the partner
• Country where the partner is located
• Description of license parameters
• License identifier
• Customer name
• Current subscription state
• Cause of current/changed subscription state
• ID of the provider’s subscription system
• Indexed string array used by the subscription provider to transfer additional information
• Indexed array of numbers used by the subscription provider to transfer additional information
• Whether the subscription is in a grace period
• License activation date
• License expiration date
• Subscription expiration date
• Flag indicting whether the user is subscribed to the Rightholder’s Facebook page
• Operating system type
• Version of the operating system installed on the User’s computer
• Operating system bit version
• Whether the installed instance of the application is connected to My Kaspersky

For the purposes of allowing the Rightholder to create effective marketing and informational materials, you agree to automatically provide the following information to AppsFlyer, Google Analytics, and Firebase Cloud Messaging:

• Google Analytics:
  • Application version, application name in Google service, and application ID in Google service
  • Unique ID of the instance of application installation on the computer and information about the language (locale) of the device
  • Computer screen resolution
  • Name of the computer window or dialog that is active when data is submitted
  • Time stamps of the start and end of the period during which the selected window or dialog was active
  • Duration of the session during which the window was active
  • Processor type
  • Version of the protocol used to submit data to Google Analytics service
  • ID of the event about which data is submitted
  • IDs of application operations and the result of such operations
  • User’s unique ID in Google services
  • Name of the internal time variable
  • Time zone

  Data is forwarded to Google Analytics over a secure channel. Information about how data is processed in Google Analytics is published at: www.google.com/policies/privacy/partners/.

• Firebase Cloud Messaging:
  • Information about the Software installed on the computer: version, name of the store where the application was obtained, timestamp of the first launch of the Software
  • Information about in-app purchases: identifier and name of the application, currency and purchase amount
  • Information on the use of the Software: event type, name of the blocked application, the flag indicating whether the application is added to the list of blocked applications, length of the PIN code
  • Information about the User’s computer where the Software is installed: computer manufacturer name, type of computer, version and the language (locale) of the operating system, information about the application first opened in the last 7 days and the application first opened more than 7 days ago
  • Advertising ID
  • Information about the User: age category and gender, identifier of the country of residence, and list of interests
  • Information about an application update or uninstallation
  • Information about an operating system update
  • Information about whether the user reset/cleared app data, removed all settings and sign-in data
  • Information about whether the app crashed or threw an exception
  • Information about whether a notification sent by Firebase Notifications was received while the app is in the foreground
  • Information about whether a notification sent by Firebase Notifications was received by a device when the app is in the background
  • Information about whether a user opened a notification sent by Firebase Notifications
  • Information about whether a user dismissed a notification sent by Firebase Notifications
  • Information about whether a user opened the app for the first time via a dynamic link
  • Information about whether a user opened the app via a dynamic link
  • Information about whether the app is updated to a new version via a dynamic link
  • Event type and value
  • Unique identifier of the application installation (Instance ID)
  • Android ID
  • Information about Software installed on the Computer: instance ID, version, name of the store where the application was obtained, timestamp of the first launch of the Software, whether the app is in the foreground or background, app package name, a pseudonymous app-instance identifier, network, and the following corresponding information: response codes, payload size in bytes, response times, duration times for automated traces
  • Information about the Users’ Computer where the Software is installed: Computer brand, category, model and orientation, RAM and disk size, version and language (locale) of the operating system; information about whether the application was first opened in the last 7 days or more than 7 days ago
  • Carrier, radio/network information, IP address, geography, locale/language, signal strength, whether the device has been jailbroken or rooted, battery level and battery-charging state
  • Time of app initialization
  • Time of AV database download

  Data is forwarded to Firebase over a secure channel. Information about how data is processed in Firebase is published at: https://firebase.google.com/terms/data-processing-terms/, https://firebase.google.com/support/privacy/.

• AppsFlyer:
  • Name and version of the installed Software, Software ID and installation date on the User's computer
  • User’s computer information: computer manufacturer and model name, User’s computer name, unique ID, operating system version, information about the type of network connection, IP address, ID of Android operating system installation on the computer
  • Mobile operator and region
  • Information about the AppsFlyer SDK used in the Software: SDK version
  • ID of Android operating system installation on the computer
  • User’s unique ID in Google services
  • Date, time and name of the event, about which data is sent, event parameter and currency code
  • Protocol version
  • AppsFlyer internal transaction ID
  • Information whether the application was previously installed
  • First launch date and time
  • Flag indicating use of the Advertiser ID
  • Unique Kaspersky Lab ID received from AppsFlyer (AppsFlyer Dev Key)
  • AppsFlyer license key
  • Value of the event counter
  • First launch flag
  • IP address
  • Version of the operating system

  Data is forwarded to AppsFlyer over a secure channel. Information about how data is processed in AppsFlyer is published at: https://www.appsflyer.com/privacy-policy/.