- Southwest Airlines passengers receive free Nintendo Switch consoles and Mario Maker 2 Wednesday 9:10 PM
- The Deplorable Choir drops diss track aimed at 4 congresswomen from Trump’s racist tweets Wednesday 8:09 PM
- Florida city is pushing homeless people out by playing ‘Baby Shark’ on a loop Wednesday 7:27 PM
- A ‘Gossip Girl’ reboot is coming to HBO Max–and fans are not happy with the casting details Wednesday 6:44 PM
- Beto can’t leverage his slave owner ancestry to gain Black voters’ trust Wednesday 5:51 PM
- Oakland to become the third U.S. city to ban facial recognition Wednesday 5:50 PM
- ‘Release the Snyder Cut’ billboards pop up outside of San Diego Comic-Con Wednesday 5:24 PM
- Iggy Azalea and Peppa Pig have an epic Twitter fight Wednesday 4:39 PM
- Should you be concerned about your privacy on FaceApp? Wednesday 4:15 PM
- Google ‘terminates’ Dragonfly, its censored search engine for China Wednesday 3:33 PM
- AOC rips Facebook during Libra House hearing Wednesday 3:14 PM
- The time traveler conversation meme finds its way to TikTok Wednesday 2:52 PM
- Grimes claims she had an ‘experimental’ eye surgery and practices sword fighting Wednesday 2:42 PM
- 70 Border Patrol employees under investigation for posts in secret Facebook group Wednesday 1:45 PM
- Republican’s Operation Safe Return criticized as cover for mass deporation Wednesday 1:42 PM
William Hook/Flickr (CC-BY-SA)
Several popular iPhone apps have been caught recording users’ screens despite never asking for permission, TechCrunch reports.
Companies including Abercrombie & Fitch, Air Canada, Expedia, Hollister, Hotels.com, and Singapore Airlines were found to be gathering screen data while never mentioning the capability in their privacy policies.
Some of the apps were even collecting and inadvertently exposing sensitive customer information in the process, such as data regarding passports, credit cards, and even passwords.
According to TechCrunch’s Zack Whittaker, many of the apps rely on Glassbox, a customer service analytics company. Glassbox utilizes “session replay” technology, which lets app developers record and play back screen activity for troubleshooting purposes.
A mobile device expert known as the App Analyst explained how data captured by the apps often failed to conceal private information. In the case of Air Canada, the expert found the app wasn’t masking replays from users’ screens.
“This gives Air Canada employees—and anyone else capable of accessing the screenshot database—to see unencrypted credit card and password information,” the App Analyst said told TechCrunch.
After examining the apps that relied on Glassbox, the mobile expert warned of the potential for similar data exposure.
“Since this data is often sent back to Glassbox servers I wouldn’t be shocked if they have already had instances of them capturing sensitive banking information and passwords,” the App Analyst added.
When asked by TechCrunch why their privacy policies failed to mention the screen-grabbing feature, each company responded with vague answers. The App Analyst argues that users can’t make decisions about their data if they aren’t properly informed.
- The best free password managers
- What’s the most secure operating system?
- How to encrypt an iPhone in seconds
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.