Some iOS apps, many of which are very popular, apparently secretly record a phone's display for analytical reason. Session replay allows the developers to see and record every tap, swipe and keystroke the user makes. "Imagine if your website or mobile app could see exactly what your customers do in real time, and why they did it?"
A mobile device expert known as the App Analyst explained how data captured by the apps often failed to hide private information. But it also captured sensitive information such as passwords and credit card numbers. "However this attempt has failed, potentially condemning a user's sensitive data to residing in various screenshots stored by Air Canada".
The process in question usually involves a third-party analytics gathering company that embeds its technology in the app's code. Apple is now cracking down on these apps and requiring more transparency, too. Should companies be more explicit about the way that apps feed back information to developers?
Get hands-on experience in performing simple to complex mobile forensics techniques Retrieve and analyze data stored not only on mobile devices but also through the cloud and other connected mediums A practical guide to leveraging the power of mobile forensics on popular mobile platforms with lots of tips, tricks, and caveats. So, not too bad.
Another problem: the recordings reveal sensitive data. The App Analyst said that data was "mostly obfuscated".
The researcher said Singapore Airlines also collected session replay data but sent it back to Glassbox's cloud.
Apple's love of privacy, but it turns out some iPhone apps might be recording users' screens without them knowing it. So really, there's no way to know. "This information helps companies better understand how consumers are using their services, and where and why they are struggling", a Glassbox spokesperson told Mashable.
However, they often fail to ask for user permission and don't denote the shady activity in their privacy policies. Glassbox provides its customers with the tools to mask every element of personal data. The company said it was not "spying" on users, but helping improve the user experience, adding that consumers should be informed by companies that their data is being recorded. The session replays allow app developers record what's happened so they can follow up on errors.
But the apps could be recording - and sending - materials that users wouldn't be happy about, including credit card details, the App Analyst has warned.
A spokesperson for Glassbox told Fox News that the data they collect is not shared with third parties, nor enriched through external sources.