48 comments

[ 4.2 ms ] story [ 132 ms ] thread
"If you receive a call from a number and we can't detect it, then you, as a user, can actually add that information."

I hope that doesn't mean it has unrestricted access to my contact list.

Looks like both the Android app and the web app (via Google login) require full access to your contact list. Though it looks like the Android app still works if you manually disable that permission in Marshmallow.
The app actually came into existence through harvesting data via the contacts permission. Pretty sure this is still how it works, or maybe they changed their strategy once they got big enough.
Sorry to disappoint, this is exactly what it means.
That's pretty much why I change my phone number once a year. I don't want people to put it online in google, facebook, truecaller services. I never receive spam texts or calls.
Yeah, but isn't it super annoying to people who want to contact you (family, friends, etc.)? I haven't changed my cell number in over a decade, and rarely (if ever) get spam calls (never texts). Seems like a high price to pay for something that probably won't happen much, anyway.
>Yeah, but isn't it super annoying to people who want to contact you (family, friends, etc.)?

I have different approach to instant communication. Yes, some people complain, as I live overseas, mostly my parents. Others used to it. I don't want to be contacted by anyone who has my phone number any time THEY WANT TO CONTACT ME, so I see no need for them to have my phone all the times. I keep my number updated for some people, I didn't talk with friends from high school for last 2 years, but I send them text from my new number when I change it, some people deserve it, some don't. 3/4 of the day my phone is in offline mode, because I use it only to listen to music and as alarm clock. I never need to topup for more than £10 per 3months. Give it a try :)

Once a year? That sounds unreasonably painful, unless you just don't talk to anyone. Just updating accounts / banks / mortgage / etc is too much to even think about.
Why would my bank want to contact me over phone? I don't even see the case. I gave my phone once to insurance company, they wanted to do some verification check by calling me next day. I was free to remove my phone number from my profile the next day.
Alright I can tell this discussion isn't going to go anywhere logical. Tin foil hat secured.
I didn't know not following the fashion of putting everything online and giving bank, mortgage companies your phone number is called tin foil hat now ¯\_(ツ)_/¯

No, really, why would my bank want to call or text me? I log-in every 2-3 days to my online account where I have statements, I get everything in PDFs, sometimes they sent me emails when I withdraw too much. I also see no point in them sending me paper statements, so I opt-out from letters (they have my home address!)

> No, really, why would my bank want to call or text me?

My bank texts me when they suspect a credit card purchase might be fraudulent.

You know that phone numbers are largely recycled, right? So, if you change your number often, you're getting someone else's number, meaning your number is already online.
In the UK the overwhelming majority of spam calls come from companies using predictive diallers[1] - computers that just dial valid phone numbers until someone picks up and then routes the call to an operative (or plays a recorded message) - essentially they're brute forcing the phone system. Changing your number has no effect on getting calls and texts.

[1] The 'predictive' bit comes from the computer using a bit of intelligence to guess when an operative is going to finish their current call and dialling more/less numbers so there's minimal free time in the call centre. Clever tech but absolutely horrible if your job is anything to do with making calls all day.

I was curious if my number was in their system, so I went to their web site. To do a simple lookup you have to log in with a Google or Microsoft account, and you have to give it permission to view your Google+ circles as well as full access to your contact database. No, sorry, I am not giving you private contact info for everybody I know.
Well if you weren't in their database before you sure are after you allow full access
As are potentially all of my friends, family members, and colleagues.

I found this particularly absurd paragraph in their privacy policy[1]:

> Where the Truecaller Apps are obtained from other sources than Apple App Store or Google Play, You may share the names, numbers and email addresses contained in Your device’s address book (“Contact Information”) with Truecaller for the purpose described below under Enhanced Search. If you provide us with personal information about someone else, you confirm that they are aware that You have provided their data and that they consent to our processing of their data according to our Privacy Policy.

So by using the app you not only provide your entire contact database, but you're saying all your contacts are aware of it and they've agreed to the policy. I guess before you install it you have to call up everyone you know and ask if it's okay. It applies to new contacts too - getting a girl's phone number might be a bit awkward now that you have to ask if she accepts the privacy policy for a smartphone app you use.

Of course, it only applies if you don't get the app from the App Store/Google Play - because both of those ban this behavior. However if the app comes pre-installed with your phone, this policy could easily be baked into the terms you agree to during setup.

[1]: http://www.truecaller.com/privacy-policy

Edit: I actually didn't find anything in their privacy policy specifically referring to the web-based search on truecaller.com. Since their policy only mentions not harvesting your contact info if you use the App Store or Google Play, I have to assume the worst - especially since I can't think of any other reason why the web search would need full contact access.

Theoretically, if you uncheck the "enhance my request" option, they won't go through your contacts.
Truecaller appears to be built into my Cyanogenmod OS. I certainly appreciate it since ~90% of my phone calls that are not immediate family seem to be spam.
It's a European company so they must be aware of the dreaded 'Data Protection' rules here. Users opting in to the service should be okay, but scanning and uploading their entire address books (the pre-selected default) with everyone else's contact info looks questionable. It's been done though, I know the Android Twitter app does this (it asks permission after installing and it's easy to opt-out) so there's probably a way of doing this without getting sued.

If you visit their site and try to search your number to opt-out, you get a modal asking you to sign in with a Google or Microsoft account - no other options are provided. In miniscule font, an even smaller tooltip says "Sharing is caring, and in the Truecaller community we care about accurate results. By sharing your contacts with Truecaller, you will receive more accurate results and help improve the experience for millions of users around the world."

It's a tried and tested business model but I'm just not interested in doing data entry for someone else's silo for a marginal benefit to myself. Maybe I'm old-school but I'm fine with figuring out who is calling from an unknown number by simply answering and speaking with the caller.

> It's a European company so they must be aware of the dreaded 'Data Protection' rules here.

One man's poison is another man's tea. As a US citizen without any EU data protections, I envy the EU data protection rules. I don't care if that ruin's your startup's model.

Everyone has their phone number and home address publicially visible. You can't opt out. Is it the same in the US?
>Everyone has their phone number and home address publicially visible

Fist time I hear it. Where?

Sweden for example, where truecaller is from.
Take a look at hitta.se or eniro.se

Basically, an online phonebook, with reverse lookup, addresses, birthdays, neighborhood data, ...

(comment deleted)
No, it's not the same. In the US you would usually have your land-line and address listed in the phone book by default, and you could pay a very nominal fee to have it be 'unlisted'. Your mobile number would never be listed at all.

As an American living in Europe, I was surprised to see all land-line and mobile numbers published in our local directory (I'm in Britain) which even included a reverse look-up index so you could scan tables of numbers and see the corresponding names! That disappeared a few years back but most of the numbers are still listed if you know the person's name.

I'm all for privacy but I think the fear of having your number posted is overrated unless you have an actual reason (stalker, abusive ex, etc...) in which case a free and easy way to totally opt-out should exist. I've had my phone numbers and email address publicly posted for years and while I get the occasional weirdo, it's totally worth it for the random interesting calls from strangers.

I tried using Truecaller for its telemarketer blocking and its just a pig. It put its hooks into every part of my phone and notified nagged me to install its sister services constantly. I believe it also tried to replace my default dialer, if memory serves. It felt like a scammy application and I eventually gave up on it when I switched phones.

A 'lite' version of this app would be wonderful. Heck, I'd easily pay a dollar or two or three for something that blocked telemarketers and gave me better callerID. I imagine Truecaller's free pricepoint is killing it. They just need to do so many shady things to make money. I'd rather just pay them outright and not feel my phone hijacked.

Also, no service seems to be able to cut out scammers using cheap international voip and impersonating domestic numbers via callerid. I suspect there's no stopping this without some heavy handed regulation with voip providers. Truecaller wasn't able to identify or block these. They always came up as unknown. The scammers can simply cycle through fake callerid numbers endlessly it seems. It was amsuing to get the occasional 555-555-xxxx number. I don't think the foreigner scammers who watch Holywood movies for clues into how American culture works realized that these prefixes aren't real.

Far better headline:

>Truecaller steals your contact list to sell to the exact spammers you are trying to avoid

Doesn't solve the real caller identification problem I have: is this going to be a marketing call / PPI fraud / robodialler / attempt to social engineer me by telling me my PC has a virus.
It does when I use it in the UK. It frequently flags up an unknown number as "XXX People have flagged this numbers as Spam/PPI" (I forget the exact wording).
All I want is to know which business is calling. Isn't all that information public?

Google top results are littered with supposed answers to this question but are all just SEO tricks without any good info.

I've tried Truecaller several times and it didn't really do what I want (on iPhone).

Google has tons of verified public phone numbers for its map products. Android should be able to do reverse lookups of unknown callers.

This might not work for unlisted telemarketers. To catch those numbers, perhaps Google could anonymously collect Android users' phone blocklists. That does not have quite the same privacy concerns as sharing your entire contacts list with Google. This is the phone number version of Gmail's spam filter.

I think the URL everyone is looking for is http://www.truecaller.com/unlist. Impossible to check if it works though without creating an account and handing over all your details.

They really should provide a "Is my number listed?" search (and maybe a "Who do I blame if it is?"). Also, they should probably add some verification you own the number I guess, since I was able to delist my wife's without question.

Upvoted, this should be the top comment! I did go to the site looking for this but didn't find it.

The no questions asked de-listing is a good thing though, easy in and easy out. Like one click unsubscribe for email.

About a couple of months back it was possible to search for your own number on their site without an account, but now it's fully blocked and require you to install their app (and thus give all your info by default if you're on Android).

EDIT: It seems that they added Google and Outlook account login now, but they also require all your contacts.

I was using this to log calls in violation of the do not call list for some time. I meant to sue in small claims, but never got around to it.

Still, it's immensely valuable.

Does it somehow resolve spoofed caller id data?
my solution to this problem is easy.

just don't pick up the phone.

what is compelling you to pick up an unknown call? do you think you're going to win the lottery or something?

The challenge is when you're expecting a call but don't know the number it'll originate from (doctor's office, school, sports team parents/member/organizer, plumber, ...).
What's so bad about prefacing the meeting with "Sorry guys I'm expecting a call at some point today so if my phone goes off I'll need to leave to answer it"? Some people must surely be expecting calls from someone of an unknown number every day individually, but I would be surprised if it was a large number of people.
i just tell people i simply don't pick up my phone, and to text instead. at first they don't believe me, then they realize "oh yeah... i guess that's a good idea."

there is some insanity in the human condition that compels people to pick up their phone. i have rejected that shit entirely. i get a dozen calls a day, the fuck am i supposed to do, pick up every one?

try it, it works.

Just like with IP proxies - it's easy to originate call from Google talk, or other free calling service to remain totally unidentified.

Best way to filter calls during the meeting - don't pickup the phone and let caller to leave voicemail. At a first hint of a spammer - just block the number.

Done.

My number is on some Indian pharmacy's list and seems to have been sold to a bunch of others. I get at least two calls a day. Formerly on my Android, Mr. Number successfully blocked the great majority of these calls. Since switching to an iPhone I installed both Mr. Number and Truecaller, but apparently iOS doesn't permit these apps intercept the call and simply hang up. Really sucks. For just this reason I'll probably go back to Android for my next phone.
Yeah, I'm another big vote for Mr Number.

For some reason I would get multiple calls a week (sometimes multiple per day) from "Walgreens" telling me my prescription is ready - not sure if it's a scam for personal/medical/insurance info or if someone somewhere mistakenly entered my number. Leaning towards scam - called Walgreens and asked they delist me, they said they didn't know anything about it. And at first it was a listed number, then after I blocked that it started being unlisted, then I finally just blocked all unlisted callers. It only started after I opened a Bank of America card, and they're rather notorious for selling their customer info, so I have my suspicions there.

For some reason Android 4.4 doesn't have the capability to block unlisted numbers, so Mr Number is fantastic for adding this back in.

Useful app, but the latest android version of truecaller(7.x) REQUIRES access to your contacts. I uninstalled it and found the previous version(6.6) which only nags you for contacts access.

Bad move truecaller and very rude.

Not "Bad move". Try "Basics of the operation". How do you think they are able to collect all these phone numbers ?
This could have been such a killer app for Google Voice, you make hit *22 or something after a call to indicate its a spammer/sales/robocall and totally improve the experience for everyone else who doesn't have to listen even to the ring.