An investigation by TechCrunch has revealed that a number of popular iOS apps actually record the user’s screen while the app is in use. TechCrunch lists apps like Air Canada, Hollister and Expedia as among those caught sneakily recording user’s screens.
The list of apps caught pants down is actually long, with a majority of them coming from hoteliers, travel sites, airlines, cell phone carriers, banks and financiers. The scary part? None of these apps actually revealed to the user that their actions would be recorded, yet all of these apps contained sensitive user data like credit card information and passwords.
These apps are able to record their user’s actions thanks to a service known as Glassbox. Glassbox is a customer experience analytics firm, which allows developers to embed screen recording capabilities into their app to enable these developers to replay user sessions to understand the experience that they are having.
Things get even scary as one app analyst revealed that as much as these apps try to mask the sensitive data such as passwords and credit card information, some of them were not properly masking this information thus making it visible to the developers, one such app is Air Canada, who surprisingly revealed just a few weeks ago that they had a data breach that left 20,000 profiles exposed.
In response to this revelation, Air Canada told TechCrunch that they do not capture screen recordings outside of their app, however, they did acknowledge that they do capture user information within the app, “Air Canada uses customer provided information to ensure we can support their travel needs and to ensure we can resolve any issues that may affect their trips. This includes user information entered in, and collected on, the Air Canada mobile app,” read the statement.
Gadgets Africa’s Take:
We’re actually surprised that such frameworks as Glassbox exist and that Apple has let them through their door. Apple’s white sheets of protecting user privacy have been getting stained of late including their very own FaceTime bug that was a disaster for the company. Just five months back, a number of iOS apps were caught sending users’ location data to monetization firms. Yikes!