Some iOS apps track every tap or swipe you make

Some iOS apps track every tap or swipe you make
Apple iPhone users might not be aware that some of the apps they use are recording each and every move that they make while using the app. Even worse, some of these apps appear to mask sensitive data but are actually recording credit card numbers, social security numbers, and other information that most people would prefer not to give out. According to Tech Crunch, apps from carriers, airlines, travel sites, banks and others don't tell you that they are doing this.

A company called Glassbox is one of a few companies that offer app and website developers technology that allows them to record the screen and watch how users navigated their app. By reviewing the taps and swipes made by an iPhone user while using an app, a developer can see if certain features of the interface failed to do the job they were designed to do. Glassbox posted a tweet recently that said, "Imagine if your website or mobile app could see exactly what your customers do in real time, and why they did it."

The App Analyst, who posts his analysis online about how apps collect user data, recently pointed out that the Air Canada iOS app uses Glassbox. The technology is used to capture numerous screenshots during a user's session with the app. Even though Glassbox allows developers to have sensitive fields blacked out so that the screenshots they take don't reveal any personal information, it turns out that some of the screenshots captured by the Air Canada app do show some of this personal data.

When creating a new account, or resetting a password on the Air Canada app, the screenshots taken by the app do reveal a user's password quite clearly. According to The App Analyst, if either Air Canada or Glassbox were to save the passwords that can be seen via these screenshots, the pair would be going against industry standards. Consider that last August, Air Canada had a data breach that affected 20,000 users of its app. Talking about screenshots that reveal personal info, The App Analyst says, "Since this data is often sent back to Glassbox servers I wouldn’t be shocked if they have already had instances of them capturing sensitive banking information and passwords."

While apps in the Apple App Store need to include a privacy policy, none of them mention anything about recording the usage of the app. Glassbox does not require Apple, nor the app user, to give it special permission. As a result, there is no way of knowing if the apps you use on your iPhone are recording every move you make and passing along personal data.

Screenshots collected by Air Canada show user's password when creating a new account, or resetting the password

Screenshots collected by Air Canada show user's password when creating a new account, or resetting the password

FEATURED VIDEO

14 Comments

2. Truthalltime

Posts: 40; Member since: Dec 08, 2018

And somehow android is unsafe

3. mootu

Posts: 1411; Member since: Mar 16, 2017

What happens on iPhone doesn't stay on iPhone.

4. midan

Posts: 2576; Member since: Oct 09, 2017

Unaccaptable! Good that this thing came public so the pressure is big for these companies to fix this. I just found out that this same is possible just visiting websites from computer for example.

6. mootu

Posts: 1411; Member since: Mar 16, 2017

Why would they "fix it"? These companies have chosen to use Glassbox for this reason and want all the info they can get on you and it's not violating Apples terms of service. So unless Apple changes it's policy and blocks it then things won't change.

8. midan

Posts: 2576; Member since: Oct 09, 2017

"it's not violating Apples terms of service." how you know that? "Why would they "fix it"?" if they want to keep their users? people are already removing these apps.

11. slashas

Posts: 124; Member since: Jul 17, 2017

It is violating European Union law, we are Europeans more protected than other parts of the world regarding personal data collection without user permission.

14. mootu

Posts: 1411; Member since: Mar 16, 2017

No it's not as users are accepting terms when installing these apps, they just can't be bothered to read the terms.

5. Gryffin

Posts: 42; Member since: Dec 19, 2018

In modern world, privacy is just a myth.

9. Vinayakn73

Posts: 207; Member since: Oct 05, 2011

companies need to follow circle movie. We need emma watson in out world to expose all CEO's. bloody beggars begging for data. Even hell would ban them to enter in,

13. sissy246

Posts: 7002; Member since: Mar 04, 2015

So much for the iphone not having this kind of stuff happen.

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.