1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Several popular iPhone apps are quietly recording your screens

By midian182 · 4 replies
Feb 7, 2019
Post New Reply
  1. TechCrunch, along with The App Analyst, found that some airline, hotel, and retail apps use embedded technology from a company called Glassbox, a customer experience analytics firm.

    To show developers how customers behave in their apps, thereby allowing them to discover any issues, Glassbox uses session replays, which essentially record an iPhone screen without the owner’s consent or knowledge. This information is then sent to the devs, either directly or via Glassbox.

    For some apps, including travel sites, sensitive customer information isn’t being transferred securely. This includes passwords and credit card data, both of which weren’t always properly masked when sent to Air Canada—a company that recently reported a massive data breach that exposed 20,000 profiles. The practice left the data vulnerable to man-in-the-middle interception techniques.

    TechCrunch writes that none of the apps in question— Air Canada, Hollister, Expedia, Abercrombie & Fitch, Hotels.com, and Singapore Airlines—inform users explicitly about the data-gathering process, nor do they request permission or explain it in their privacy policies. Glassbox, on the other hand, is more open about what it does. "Imagine if your website or mobile app could see exactly what your customers do in real time, and why they did it? This is Glassbox," states its Twitter bio. The company even mentions the Air Canada deal.

    This sort of data gathering has been going on for a while now, and Glassbox isn’t the only company to offer such a service. Most developers say it’s the best way to improve their products, but not clearly stating that the process takes place will doubtlessly concern users.

    Permalink to story.

    Last edited by a moderator: Feb 7, 2019
  2. btfsttg

    btfsttg TS Rookie Posts: 27   +17

    I have been told hundreds of times only Android apps do this, that the Apple App Store filters all malicious apps out.

    How can this be?
  3. Hexic

    Hexic TS Evangelist Posts: 546   +380

    Rose-tinted glasses and security assumptions about a particular operating system.
    lexster, VitalyT, Polycount and 4 others like this.

    IAMTHESTIG TS Evangelist Posts: 1,772   +837

    This is why I HATE company apps. Everyone has to have a stupid app, McDonalds, Target, Starbucks, whatever. YOU DON'T NEED AN APP! Just make a quality mobile website. They just make the apps to track you and gather as much info about you as they possibly can so they can get more money out of you.

    I personally avoid apps on my phone and try to stick with stock everything as much as possible or purpose-built apps. I don't conform to all the "download our app" crap.

    lexster, Underdog and PEnnn like this.
  5. Kibaruk

    Kibaruk TechSpot Paladin Posts: 3,818   +1,182

    Shame on them for trying to monetize on opportunities, am I right?

    I completely understand, don't get me wrong it pissed me off too but you have to understand that the decision still falls on you and me, if you or I want those mcbucks (or whatever they give with the app) and if really want to install it or not.

    And this has been going for longer than apps, it started with the loyalty cards, when we started giving the companies better ways to profile their customers for nothing (Yeah sure, if you buy enough stuff you can eventually get a chocolate).

    I opt out for most of the tracking options (There are some that are worthwhile though, like when I made a big purchase of around $400, I got $140 of credit store which was really sweet).

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...