It is more granular than that. You missed the second test. The one where they time the round trip of the page handshake. If it's less than 200 ms they are fairly certain they are on the same tower as the victim's cell phone.
And, the article mentions the whole point of this exploit is not needing to intervene with the victim's cell phone as would be the case with your obtaining data from installed apps.
Keep Up with TechRepublic