Several popular iPhone apps are recording screen taps and swipes without informing the user, much less asking for their permission. Popular iPhone apps from hoteliers, travel sites, airlines, cell phone carriers, banks and financiers are reportedly recording user’s activity on the apps without informing them.
Although, the goal behind these recordings is to see how customers interact with apps, to study their use of it in order to improve it. The side effects, however, are less than innocent as these apps are meant to mask certain fields, some inadvertently expose sensitive data.
TechCrunch noted that apps like Air Canada, Hollister, Expedia, Abercrombie & Fitch, Hotels.com and Singapore Airlines use Glassbox, a customer experience analytics firm. The service provides a “session replay” technology that effectively screenshots the screen to capture every tap and keyboard entry.
These screenshots are either sent for analysis either to the app developers directly or to Glassbox, who then sends them to the app makers.
“Imagine if your website or mobile app could see exactly what your customers do in real time, and why they did it?”, said Glassbox as quoted by TechCrunch.
The App Analyst said that while Hollister and Abercrombie & Fitch sent their session replays to Glassbox, others like Expedia and Hotels.com opted to capture and send session replay data back to a server on their own domain.
At the moment, it isn’t clear if the apps are in violation of any of Apple’s policies but the very fact that they do so secretly is already a red flag. With no way to detect that this is going on, all customers can do is refuse to use the apps and services of companies that are found to be engaging in shady analytics tracking purposes without clear privacy policies.