What to consider when using Chinese shopping app Temu
Cybersecurity experts were spooked earlier this year by a malware-ridden shopping app. Photo:TND/Getty/Temu
An online Chinese marketplace is booming in popularity, with experts reminding customers that, as with any app, they must be mindful of the data they hand over.
The app, called Temu, launched in Australia this year, following its success in the US, where it had 18 million downloads. Australians might have noticed a lot of ads popping up for Temu on their phones and computers of late.
Temu strongly resembles online retailers like AliExpress and Wish; it also offers goods ranging from clothing to gaming systems at extremely cheap prices.
Nintendo Switch controllers, which usually retail for about $119, are advertised for about $48. A pack of 14K gold-plated zirconia rings are on sale for just $2.57.
While these sorts of deals might be tempting amidst the rising cost of living, the US government has stated that buying bargains on Temu could come at the cost of your personal data.
Malware
Temu shares its parent company, PDD Holdings, with e-commerce platform Pinduoduo.
In March, Google removed the Pinduoduo app from its Play Store after malware was discovered in some versions of the app downloaded from other app stores.
In April, multiple cybersecurity researchers from across the world confirmed malware could be found on Pinduoduo’s mobile app, enabling it to bypass user security permissions and access private messages, change settings, view data from other apps, and prevent uninstallation.
Pinduoduo issued a new update of its app in March that removed the malware. It also disbanded the team of employees who developed it.
Most of the team were reportedly transferred to Temu, heightening concerns over security of the marketplace’s app.
Pinduoduo’s malware scandal has tarnished the reputation of Temu. Photo: Getty
Paul Haskell-Dowland, associate dean for computing and security at Edith Cowan University, said the US is likely concerned that when enough data is gathered on a shopper, their roles in military or intelligence organisations could be revealed.
Ausma Bernot, postdoctoral research fellow in criminology at Charles Sturt University, said any sort of economic competition from China is also considered a national security threat to the US.
This is why the US sends out such “heightened messaging” around new economic competitors.
How risky is Temu?
Dr Haskell-Dowland said the risk of malware accompanying Temu app downloads is not greater than any other app downloaded through official app stores that belong to the likes of Apple and Google.
“The indications that I’ve seen so far is that [malware-ridden Temu app downloads] were predominantly from non-official app stores,” he said.
“This is, in many ways, no different from things that you might find in any other run-of-the-mill application – that could include things like Facebook and LinkedIn.
“If you’re downloading a copy of the app from a non-official web store, then there is a high probability that you’re potentially going to receive malware as part of that … you’re downloading things from a store that doesn’t have the same safety and controls as perhaps you might expect with Apple or with Google.”
That doesn’t mean there’s no risk at all of malware being downloaded with the app, but Dr Haskell-Dowland said the bigger risk comes from allowing the app to access personal or sensitive information on your device.
TikTok is likely a much greater security risk than Temu, Dr Bernot said. Photo: Getty
“A lot of these apps rely upon the sharing of data and the generation of large volumes of data,” he said.
“The fact that these are Chinese-based companies means that there is a potential to gather very large, significant amounts of information about an individual … maybe personal information on them, probably financial information if you’re conducting transactions.
“And all of that is effectively data accessible to the Chinese company, and where appropriate, their parent companies … and under Chinese legislation, there’s the probability that could be made available to the Chinese Communist Party through various government entities.”
Dr Bernot said while there is always a “very remote” risk that a China-related app will hand over information about you to Chinese authorities, intelligence agencies have better ways to get that information.
“Temu wouldn’t be the first go-to platform to get that information off people trying to buy water bowls for their dogs,” she said.
“TikTok would definitely be a … bigger concern, because there’s a lot more personal sensitive information on the app, rather than on Temu.”
TikTok was banned on Australian government devices in April over security and privacy risks.
Is a Temu purchase worth it?
As so often is the case, you’ll get what you paid for, Dr Haskell-Dowland said.
“If you’re paying $3 for a T-shirt, you’re probably not getting the highest quality product, and we know that and expect it,” he said.
But with the cost of living seriously affecting the budgets of many Australians – which worsened on Tuesday after the Reserve Bank of Australia issued yet another cash rate hike – shoppers are on the lookout for cheaper products.
Dr Bernot said: “I think [Temu is] just another another version of AliExpress by a different company that’s trying to really use that recession time when people are looking for bargains.”
The sales are jaw-dropping, but they probably won’t last forever. Photo: TND/Temu
She said platforms like Temu and AliExpress are trying to replicate the success of mainland-focused Chinese companies like Taobao, which connects factories to consumers and is known for low prices and speedy deliveries.
But a focus on low prices and speed usually comes at the expense of workers; Amazon is known for not allowing its employees enough breaks at packing centres, and Pinduoduo came under fire for forcing its workers into extreme overtime and inadequate facilities, allegedly leading to deaths within a two-week period between December 2020 and January 2021.
Dr Bernot said prices were unlikely to stay as extremely low as they currently are once Temu secures its customer base, with the company likely to be running at a loss in the meantime.
“I remember living in China, and there was one coffee company that was competing with Starbucks, and for three months … if you were to buy a coffee, they’d give you another coffee for free, and they’d give you a scone, and would deliver that to you for a really cheap price,” she said.
“And in those in those few months, they didn’t make money … I think this is the entry strategy of Temu as well.”