Don't miss the latest stories
Apple Issues Warning To Popular iPhone Apps That Secretly Record Users’ Screens
By Mikelle Leow, 08 Feb 2019
From left to right: icons for Abercrombie & Fitch, Expedia, and Hotels.com apps. Images via iTunes
When Apple rolled out its screen-recording tool in iOS 11, it proved to be both a godsend and bane. While the ability to capture video screenshots might come of use, it turns out that some brands have been leveraging this tool to study users’ activity without their permission.
A recent investigation by TechCrunch and mobile expert The App Analyst found that a series of popular iOS apps utilize Glassbox, a digital customer experience analytics firm that allows developers to integrate screen-recording technology, dubbed “session replay,” in apps.
The “session replay” feature enables developers to record a user’s screen, and then play them again to watch how they interact with an app. Observable actions include button pushes, taps, and keyboard entries.
Glassbox’s clientele includes Abercrombie & Fitch, Air Canada, Expedia, Hollister, Hotels.com, and Singapore Airlines—all of which have not disclosed in their privacy policies that they were recording people’s in-app behaviors.
The findings showed that certain apps, like the Air Canada app, don’t properly mask confidential information such as credit card data and passport numbers. Employees of Air Canada who have access to its backend might be able to easily view this data.
It is worth noting that not all apps exposed this sort of data, but in some instances, postal codes and email addresses were still visible.
Abercrombie & Fitch, which also owns Hollister, later responded that Glassbox ensures “a seamless shopping experience… to [help] identify and address any issues customers might encounter in their digital experience.”
Air Canada gave a similar answer, saying that the “customer-provided information” ensures problems relating to passengers’ trips can be easily resolved by looking at what goes on in its app.
Following the crackdown, Apple has told developers to delete or properly disclose if their apps record user interactions. Should its warning be ignored, the apps might be removed from the App Store.
“Protecting user privacy is paramount in the Apple ecosystem,” an Apple spokesperson told TechCrunch. “Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.”
“We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary.”
Developers have been given less than a day to remove infringing codes and reupload the software on the App Store.
[via MacRumors and TechCrunch, images via various sources]
More related news
Also check out these recent news