Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
Some Popular iPhone Apps Secretly Record Your Screen for Analytics Purposes
Multiple popular iPhone apps from major companies are using intrusive analytics services that capture detailed data like taps, swipes, and even screen recordings without customer knowledge, reports TechCrunch.
Apps that include Abercrombie & Fitch, Hotels.com, Air Canada, Hollister, Expedia, and Singapore Airlines are using Glassbox, a customer experience analytics firm that lets developers use "session replay" screen recording technology within their apps.
Session replays let developers screenshot or record or a user's screen and then play back those recordings to see how users interact with their apps. Taps, button pushes, and keyboard entries are all captured and provided to app developers.
Some apps, such as Air Canada, don't properly mask data that's recorded, exposing information like passport numbers and credit card information. Air Canada employees with access to the screenshot database can readily see this data.
TechCrunch had mobile app expert The App Analyst look at some of the apps that Glassbox lists as a customer. Not all apps leaked masked data, and most appeared to be obfuscated, but there were instances where email addresses and postal codes were visible.
"Since this data is often sent back to Glassbox servers I wouldn't be shocked if they have already had instances of them capturing sensitive banking information and passwords," The App Analyst told TechCrunch.
As TechCrunch points out, all of the apps have a privacy policy, but not one makes it clear that they're recording a user's screen. Glassbox does not require special permission from either Apple or the user to record the screen, and without checking specific app data, there is no way to know if an app is doing this.
Glassbox also does not require its customers to mention the usage of the screen recording feature in their privacy policies.
With no way to detect that this is going on, all customers can do is refuse to use the apps and services of companies that are found to be engaging in shady analytics tracking purposes without clear privacy policies.
Apps that include Abercrombie & Fitch, Hotels.com, Air Canada, Hollister, Expedia, and Singapore Airlines are using Glassbox, a customer experience analytics firm that lets developers use "session replay" screen recording technology within their apps.
Session replays let developers screenshot or record or a user's screen and then play back those recordings to see how users interact with their apps. Taps, button pushes, and keyboard entries are all captured and provided to app developers.
Some apps, such as Air Canada, don't properly mask data that's recorded, exposing information like passport numbers and credit card information. Air Canada employees with access to the screenshot database can readily see this data.
TechCrunch had mobile app expert The App Analyst look at some of the apps that Glassbox lists as a customer. Not all apps leaked masked data, and most appeared to be obfuscated, but there were instances where email addresses and postal codes were visible.
"Since this data is often sent back to Glassbox servers I wouldn't be shocked if they have already had instances of them capturing sensitive banking information and passwords," The App Analyst told TechCrunch.
As TechCrunch points out, all of the apps have a privacy policy, but not one makes it clear that they're recording a user's screen. Glassbox does not require special permission from either Apple or the user to record the screen, and without checking specific app data, there is no way to know if an app is doing this.
Glassbox also does not require its customers to mention the usage of the screen recording feature in their privacy policies.
"Glassbox has a unique capability to reconstruct the mobile application view in a visual format, which is another view of analytics, Glassbox SDK can interact with our customers native app only and technically cannot break the boundary of the app," the spokesperson said, such as when the system keyboard covers part of the native app/ "Glassbox does not have access to it," the spokesperson said.There are other analytics companies that have practices similar to Glassbox, like Appsee and UXCam, and there are a lot of major companies that are using this kind of technology, based on their customer lists. This kind of tracking is also not limited to iOS apps -- it can be done on the web as well.
With no way to detect that this is going on, all customers can do is refuse to use the apps and services of companies that are found to be engaging in shady analytics tracking purposes without clear privacy policies.
Tag: App Store
[ 272 comments ]
Top Rated Comments
(View all)
11 weeks ago
Apple do your thing! This is a violation of privacy. These app developers need to learn a lesson.
11 weeks ago
Looks like Apple needs to tighten the app noose a little more. The App and MAS store is supposed to be a sandbox for many important reasons and privacy is paramount.
11 weeks ago
This is partially why I use as few apps as possible. I’ll go on a website on my desktop with proper blockers in place if I need to. My phone is a minimal use device these days.
11 weeks ago
People wanted free apps. Well this is what you get when you use free apps. Massive invasions of privacy for the purpose of mining and monetizing your personal information.
11 weeks ago
There’s no App Store guideline that prohibits collecting usage information. To the contrary, Apple permits collection of usage information if the user consents.
Consent is generally satisfied by providing a terms of service link and consent is basically continuing to use the app after being afforded the opportunity to review the terms.
11 weeks ago
If apple doesn’t remove these from the App Store and hit the kills witch on the ones the are on users phones I will be very disappointed.
11 weeks ago
Sue them. Too bad for expedia....used to love you.....now.....(throws up)
Edit: what the hell is up with security and privacy?!
Edit: what the hell is up with security and privacy?!
11 weeks ago
What? This is unacceptable and these apps needs to be removed now and disabled. Is this the full list?
11 weeks ago
As a UX Designer, big fail by those companies secretly collecting data for analytical purposes and worse that sensitive data isn't masked. A user should always give permission that their sessions will be used to evaluate how we might create a better experience and it must be disclosed who will use that information and how. Working in finance, where all sensitive data from a user must be masked, e.g. using Hotjar and everything must be disclosed openly to the user.
11 weeks ago
Wait how is this a big deal ? You are in fact using the app, so they in fact know everything your doing. Remember only the app you are using can grab your screen, what’s the issue ? The developer built the app, knows what it looks like, knows what your pressing.. why is this news ? Is the information being transferred outside of the app developers control ? If so then I see it as a concern. This is no different than google analytics. It only captures that’s specific app. And this SDK is not specific to iPhone, it’s available for various platforms, including android. The good think about apples store is they can actually detect and remove all apps who are using this if they wanted too. Especially if this is not disclosed to a user
[ Read All Comments ]
As part of its ongoing effort to rebuild Apple Maps, Apple has added detailed terrain features to the U.S. states of Arizona and New Mexico as well as the southern portion of Nevada, including the...
Tik Tok, which was pulled from the App Store in India last week to comply with a government demand to block downloads over child safety concerns, is allowed to return to the App Store, reports...
Amazon is currently discounting the latest 13-inch MacBook Pro with Touch Bar to a new all-time-low price. Specifically, this is the 2.3 GHz Quad-Core Intel Core i5 model with 8GB RAM and a 512GB...
Over four years after debuting on Android, and following a significant redesign last year, Google Fit is now available on iOS.
The fitness tracking app can track workout sessions completed...
Following a flash sale on Easter, Best Buy has returned this week with a new 4-day sale that offers discounts on the MacBook Pro with Touch Bar, iPhone X, Beats products, iPhone cases, and more. The...
iPhone XR remained the best-selling iPhone model in the United States in the first quarter of 2019, as it was in the fourth quarter of 2018, according to a survey conducted by research firm CIRP and...
Apple today seeded the third beta of an upcoming tvOS 12.3 update to its public beta testing group, one day after providing the beta to developers and two weeks after seeding the second public beta....
Apple today seeded the third beta of an upcoming macOS Mojave 10.14.5 update to its public beta testing group, a day after seeding the beta to developers and two weeks after releasing the second...
