Apple might be in a bit of a soup this time, as many Apps on its app store are recording its users’ mobile device screens. Many popular iOS apps like Hotels.com, Abercrombie & Fitch and Expedia are collecting user information about everything they are doing using Glassbox’s ‘session replay’ technology, a report claimed.
The tech allows app developers to search and enhance the issues users face using the app by recording what the user is doing at a granular level. This recording and transferring of data puts the user’s information at a risk. As the sensitive data can be used by someone other than the company. And if such sensitive information which are contained in the session replays aren’t effectively masked then it could be used against the users.
A researched named App Analyst found and flagged this issue. He also reported that Air Canada (an app which uses Glassbox for analytics just like Expedia) was capturing screenshots which contained user’s passwords and other sensitive information. When taking the sensitive user data black boxes are used to conceal the information of the user but sometimes, they failed to do so and the user information was visible. The system which were supposed to do this failed and the user’s passwords, their payment history and other sensitive information was also captured during the screen recordings. If those screenshots were stored or stolen, it could be a serious security issue.
Apple hasn’t done anything about Glassbox or even addressed the problem. It was only days ago when Apple deleted many apps from its App Store because they violated its terms and conditions. Other apps who provide similar services as Glass Box are UXCam and Appsee.
Last week a bug in Apple’s Facetime app let the users listen across the phone call even if the call wasn’t picked. And after some days we find that Facebook is also spying on children.
With digital security getting violated by the most prominent companies and world tech leaders it may not be too late before we are forced to delete these apps and stop trusting these so-called leaders of tech world. There should be strict rules and regulations to regulate these companies before they do some ‘real’ damage.