It has taken America by storm - but may have led millions of iPhone users to inadvertently give away access to their Google account.
Experts have warned that iOS users of Pokémon Go are putting themselves at risk by signing up using Google.
By signing up to the game, it gives make Niantic access to the user's entire Google account - from email to search history.
Pokemon Go allows players to flit between the real and virtual world to capture different creatures which appear on phone screens in a number of real-life locations (the map of the game is pictured above). However, experts have warned that iOS users of Pokémon Go are putting themselves at risk by signing up using Google.
Security expert Adam Reeve said he first noticed the issue signing in online.
'On a whim I went to see which permissions it was granted,' he wrote.
'To say I was a little stunned is putting it lightly - it said: Pokemon Go has full access to your Google account.'
Reeve believes the game, based on a game called Ingress developed by Google before being spun out into its own firm called Niantic, is not actually using these permissions for anything other than logging people in.
'I obviously don’t think Niantic are planning some global personal information heist.
'This is probably just the result of epic carelessness.'
However, he admitted he had deleted his account in light of the issue.
'But I don’t know anything about Niantic’s security policies. I don’t know how well they will guard this awesome new power they’ve granted themselves, and frankly I don’t trust them at all.
'I’ve revoked their access to my account, and deleted the app.
'I really wish I could play, it looks like great fun, but there’s no way it’s worth the risk.'
By Mark Prigg
