MacAlert!

Up to the minute Apple and Mac news alerts

Popular iPhone apps caught recording your screen without permission – here are the offenders

[2019-02-07 12:31:43]

In an effort to better understand how their customers interact with mobile apps, certain companies employed a third-party analytics data that can record everything you do while inside an application, including every single tap, swipe and text input. All that happens without explicit consent from the user, who has no idea that screenshots from the app may reach a third-party server, sometimes including sensitive personal data such as credit card numbers, passwords, and contact details. The iPhone hasn’t been hacked to allow such functionality, and it’s not a bug. It’s just the kind of clever-yet-creepy iOS that some companies were able to come up with. According to a TechCrunch report, several popular iPhone apps from hotels, travel sites, airlines, carriers, and banks, track everything you do inside the app. The report makes specific mention of apps from all the companies listed below, which record the action on the screen while inside the app. None of the privacy policies that accompany these apps mention this kind of analytics power explicitly. Abercrombie & Fitch Hollister Expedia Hotels.com Singapore Airlines Air Canada Some of these companies use Glassbox, a customer experience analytics firm that lets developers include so-called “session replay” features inside their apps. These replays allow developers to see exactly what you do with their apps and understand what, if anything, went wrong during a session. Screenshots are sent back either directly to the company’s servers or Glassbox’s cloud. In one example, App Analyst found that Air Canada wasn’t properly masking the session replays, which meant that sensitive data including passport number and credit card data would show up in replays. What’s worse is that Air Canada disclosed a few weeks earlier a data breach that exposed 20,000 profiles. The same analyst looked at other apps for TechCrunch and found that not every app was leaking data, and that none of the apps revealed this practice to customers — not that too many people do read the terms of conditions of any apps. Some apps sent the screenshots directly to a company’s website, although some sensitive data was exposed in some cases. Some of these companies they do include Glassbox tech in their apps, and some stressed on the fact that their apps don’t capture screens outside the applications, and they do not have that ability. Glassbox also said that its SDK only works with the app and “technically cannot break the boundary of the app.”

Read more....



RELATED!

Meet the $7 accessory that makes Apple’s AirPods sound so much better

The iPhone’s most sophisticated feature will hit more Android phones this year

iPhone users can finally protect WhatsApp chats with Face ID or Touch ID

Brand new Galaxy S10+ benchmark leak shows scores getting closer to iPhone XS

‘Mario Kart Tour’ for iPhone and Android delayed to summer

Samsung finally launched phones with notches, but didn’t copy Apple’s design

The world’s best camera phone is banned in the US, but Amazon has it for less than a comparable iPhone

A brand new leak says Apple is about to launch new iPad models

This $18 accessory brings the best thing about the Fire TV Stick to your Apple TV

The paper-thin iPhone case that’s perfect for people who hate cases is only $8.99 on Amazon

Photo battle between the iPhone and the Pixel has a surprising winner

Turn your iPhone into a DSLR with this discounted camera attachment

Is this what Apple’s first foldable phone will look like?

This $25 iPhone case always looks new because it heals itself from scratches

OnePlus 7 might get a camera feature you won’t find on any iPhone or Galaxy phone