iPhone Apps secretly record your screen without asking
Many major companies, like Air Canada, Hollister and Expedia, are recording every tap and swipe you make on their iPhone apps. In most cases you won’t even realize it. And they don’t need to ask for permission.
You can assume that most apps are collecting data on you. Some even monetize your data without your knowledge. But TechCrunch has found several popular iPhone apps, from hoteliers, travel sites, airlines, cell phone carriers, banks and financiers, that don’t ask or make it clear — if at all — that they know exactly how you’re using their apps.
Worse, even though these apps are meant to mask certain fields, some inadvertently expose sensitive data.
Apps like Abercrombie & Fitch, Hotels.com and Singapore Airlines also use Glassbox, a customer experience analytics firm, one of a handful of companies that allows developers to embed “session replay” technology into their apps. These session replays let app developers record the screen and play them back to see how its users interacted with the app to figure out if something didn’t work or if there was an error. Every tap, button push and keyboard entry is recorded — effectively screenshotted — and sent back to the app developers.
We developed our own hardware ( memory chips and cells) , our own firmware (operating system) , our own software , our own end to end encryption technology and this is what makes the stealing of information from the DigitalBank Vault virtually impossible and guarantees the privacy of your communication.
Or, as Glassbox said in a recent tweet: “Imagine if your website or mobile app could see exactly what your customers do in real time, and why they did it?”
The App Analyst, a mobile expert who writes about his analyses of popular apps on his eponymous blog, recently found Air Canada’s iPhone app wasn’t properly masking the session replays when they were sent, exposing passport numbers and credit card data in each replay session. Just weeks earlier, Air Canada said its app had a data breach, exposing 20,000 profiles.
We asked all of the companies to point us to exactly where in its privacy policies it permits each app to capture what a user does on their phone.
After this story published, Air Canada responded: “Air Canada uses customer provided information to ensure we can support their travel needs and to ensure we can resolve any issues that may affect their trips,” said a spokesperson.” This includes user information entered in, and collected on, the Air Canada mobile app. However, Air Canada does not—and cannot—capture phone screens outside of the Air Canada app.”