Research from North Carolina State University showed that ads in Android apps are risky business for privacy and security. The apps can gain root access, track users' locations through GPS , phone call logs, contacts and apps stored on the device.
Research from Purdue University in Indiana revealed that free apps drain batteries faster because 75% of an app's energy consumption was spent on powering advertisements. This research looked at popular apps such as Angry Birds and Facebook running on Android and Windows Phones.
In Angry Birds, research showed that only 20% of the total energy consumption was used to actually play the game itself.
In the rest of the apps 45% is used finding out your location with which it can serve targeted advertising. Besides that the app advertising is using up data.
More than half the apps in Google Play use ad libraries that run software from remote services that can collect data, that raises significant privacy and security concerns. The code could be anything and maybe launch a "root exploit."
The ad libraries receive the same permissions that the user granted to the app itself when it was installed – regardless of whether the user was aware he or she was granting permissions to the ad library.
One significant find was that 297 of the apps (1 out of every 337 apps) used ad libraries “that made use of an unsafe mechanism to fetch and run code from the Internet."
Jiang’s team found that 48,139 of the apps (1 in 2.1) had ad libraries that track a user’s location via GPS, presumably to allow an ad library to better target ads to the user. However, 4,190 apps (1 in 23.4) used ad libraries that also allowed advertisers themselves to access a user’s location via GPS. Other information accessed by some ad libraries included call logs, user phone numbers and lists of all the apps a user has stored on his or her phone.
The ad libraries pose security risks because they offer a way for third parties – including hackers – to bypass existing Android security efforts. Specifically, the app itself may be harmless, so it won’t trigger any security concerns. But the app’s ad library may download harmful or invasive code after installation.