Published: Sat, February 09, 2019
IT | By Lester Massey

Popular iPhone Apps Including Expedia and Abercrombie & Fitch Secretly Record Users' Screens

Popular iPhone Apps Including Expedia and Abercrombie & Fitch Secretly Record Users' Screens

Protecting user privacy is paramount in the Apple ecosystem.

Apple's love of privacy, but it turns out some iPhone apps might be recording users' screens without them knowing it.

'We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary, ' they added.

Some of the apps such as Stream Labs, a broadcasting service, already have an elaborate process to start screen recording that'll allow users to stream content. Apps like these might therefore only have to make slight modifications to comply.

"While there may be value in documenting user activity through screenshots, there is also a large amount of risk that the screenshots may capture sensitive data". Indeed, the company's Twitter profile description asks you to "imagine if your website or mobile app could see exactly what your customers do in real time, and why they did it".

Update: Apple is reportedly instructing developers to either inform and request consent from users to record user screen data, or remove the code entirely.

In the case of Air Canada's app, the airline also isn't masking Glassbox's files when they're sent from the user's mobile device to the analytics firm's servers, according to TechCrunch's report.

According to a new report, apps including those for Air Canada, Abercrombie & Fitch, Expedia, Singapore Airlines, Hotels.com, and others utilized analytics software that employed "session replay" technology to reveal how users interact with the apps.


While the software can prevent sensitive data like credit card information or passwords being recorded by blocking it out, the App Analyst found that this feature was not always successful, leading to personal information being displayed.

Dozens of popular iPhone apps are secretly recording videos of what happens on screen - and potentially exposing data such as passport numbers and credit card details.

The worst thing is that the apps do not clearly state that the screen could be recorded and require permissions to do so. Some of the apps, including Air Canada, do not properly mask the data that is recorded from the app.

"Glassbox and its customers are not interested in "spying" on consumers", Glassbox told The Verge in a statement.

One company that provides the analytics code, called Glassbox, claims it provides the code to customers so they can reduce app error rates, TechCrunch noted. "Our goals are to improve online customer experiences and to protect consumers from a compliance perspective".

The offending apps include Air Canada, Hollister, Expedia, Hotels.com, and many more. The first step, he says, is having companies be more honest about how they collect their users' data and who they share it with.

This is eyebrow-raising as apps on Apple's App Store need to have a privacy policy.

Like this: