Symantec’s Modern OS Security team explains how iOS and Android apps misuse the OAuth authorization protocol to obtain excessive Google service permissions
Source: Symantec
Symantec Mobile Threat Defense: OAuth Misuse Could Risk Corporate and Personal Data