- ‘Fake plane challenge’ takes off on TikTok Monday 8:15 PM
- Video meme of a mom dancing with her kids goes viral—again Monday 7:26 PM
- ‘Due to personal reasons’ meme enables questionable behavior Monday 3:36 PM
- Why do white rappers write lyrics about being good hypothetical dads? Monday 3:29 PM
- Roger Stone posts, then deletes, Instagram of his judge with small crosshairs next to her Monday 2:32 PM
- People are Googling Rihanna and their birthday in a Twitter challenge Monday 2:13 PM
- Here are all of the Fortnite earthquake cracks thus far Monday 1:21 PM
- New Apex Legends characters leaked by data miners Monday 12:36 PM
- Ken Jeong falls back on crude humor and lazy stereotypes in ‘You Complete Me, Ho’ Monday 12:24 PM
- 14 artsy cartoon mugs that’ll help make your days more creative Monday 12:15 PM
- Netflix cancels ‘Jessica Jones’ and ‘The Punisher’ Monday 11:26 AM
- YouTube is fueling the rise in flat earth believers Monday 11:04 AM
- Review: Crackdown 3 is not a world worth saving Monday 11:00 AM
- Scathing privacy report calls Facebook a ‘digital gangster’ Monday 10:50 AM
- 21 Savage goes deep on 21 Savage memes Monday 10:49 AM
William Hook/Flickr (CC-BY-SA)
Several popular iPhone apps have been caught recording users’ screens despite never asking for permission, TechCrunch reports.
Companies including Abercrombie & Fitch, Air Canada, Expedia, Hollister, Hotels.com, and Singapore Airlines were found to be gathering screen data while never mentioning the capability in their privacy policies.
Some of the apps were even collecting and inadvertently exposing sensitive customer information in the process, such as data regarding passports, credit cards, and even passwords.
According to TechCrunch’s Zack Whittaker, many of the apps rely on Glassbox, a customer service analytics company. Glassbox utilizes “session replay” technology, which lets app developers record and play back screen activity for troubleshooting purposes.
A mobile device expert known as the App Analyst explained how data captured by the apps often failed to conceal private information. In the case of Air Canada, the expert found the app wasn’t masking replays from users’ screens.
“This gives Air Canada employees—and anyone else capable of accessing the screenshot database—to see unencrypted credit card and password information,” the App Analyst said told TechCrunch.
After examining the apps that relied on Glassbox, the mobile expert warned of the potential for similar data exposure.
“Since this data is often sent back to Glassbox servers I wouldn’t be shocked if they have already had instances of them capturing sensitive banking information and passwords,” the App Analyst added.
When asked by TechCrunch why their privacy policies failed to mention the screen-grabbing feature, each company responded with vague answers. The App Analyst argues that users can’t make decisions about their data if they aren’t properly informed.
- The best free password managers
- What’s the most secure operating system?
- How to encrypt an iPhone in seconds
Mikael Thalen is a freelance journalist based in Seattle, covering all things technology, including social media, data breaches, hackers, and more.