And with regards to the whole "data mining" uproar here this is about the least efficient way for a company to data mine its users. A feature like this is usually used to reproduce a bug that a customer is reporting or better assist with customer support. Maybe on an edge case they'd pick out a representative session of an interaction they value or are trying to improve and watch it to make UX changes. But all the data apps have about their customers is in a structured database, not captured from UI elements and then OCR'd.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Some Popular iPhone Apps Secretly Record Your Screen for Analytics Purposes
- Thread starter MacRumors
- Start date
- Sort by reaction score
I won’t get rid of my banking app it’s just too useful.
I have BoA and the app is flawless I would be pretty pissed if it were capturing my screen images.
[doublepost=1549504312][/doublepost]
I just assume every one and everything is spying on me.
Why does it matter to you that they're capturing an image of the content that they drew for you on the screen?
Email Apple that this is unacceptable. They say that they promote privacy? Then they should do something about it or they’re just lying to all of us.
Multiple popular iPhone apps from major companies are using intrusive analytics services that capture detailed data like taps, swipes, and even screen recordings without customer knowledge, reports TechCrunch.
Apps that include Abercrombie & Fitch, Hotels.com, Air Canada, Hollister, Expedia, and Singapore Airlines are using Glassbox, a customer experience analytics firm that lets developers use "session replay" screen recording technology within their apps.
Session replays let developers screenshot or record or a user's screen and then play back those recordings to see how users interact with their apps. Taps, button pushes, and keyboard entries are all captured and provided to app developers.
Some apps, such as Air Canada, don't properly mask data that's recorded, exposing information like passport numbers and credit card information. Air Canada employees with access to the screenshot database can readily see this data.
TechCrunch had mobile app expert The App Analyst look at some of the apps that Glassbox lists as a customer. Not all apps leaked masked data, and most appeared to be obfuscated, but there were instances where email addresses and postal codes were visible.
"Since this data is often sent back to Glassbox servers I wouldn't be shocked if they have already had instances of them capturing sensitive banking information and passwords," The App Analyst told TechCrunch.
As TechCrunch points out, all of the apps have a privacy policy, but not one makes it clear that they're recording a user's screen. Glassbox does not require special permission from either Apple or the user to record the screen, and without checking specific app data, there is no way to know if an app is doing this.
Glassbox also does not require its customers to mention the usage of the screen recording feature in their privacy policies.There are other analytics companies that have practices similar to Glassbox, like Appsee and UXCam, and there are a lot of major companies that are using this kind of technology, based on their customer lists. This kind of tracking is also not limited to iOS apps -- it can be done on the web as well.
With no way to detect that this is going on, all customers can do is refuse to use the apps and services of companies that are found to be engaging in shady analytics tracking purposes without clear privacy policies.
Article Link: Some Popular iPhone Apps Secretly Record Your Screen for Analytics Purposes
Since iPhone apps only renders one app at a time, ALL that data is already in their hands. Isn't this article just a case of "The sky is falling!!!" to rattle Macrumors readers.
Air Canada is a private company independent of the government here, much like American Airlines is a private company independent of the American government. But maybe you knew that and I just misunderstood your post.
Apple is doomed!
Actually nosy analytics snooping has always been around and I knew it was just exactly this nosy. They tell you if you read the fine print on most of these apps. I always decline to participate in sending analytics data if they ask.
What's new to me is that sensitive authentication data might be visible some of the time and seen by actual humans. Yikes. Who wants that? Nobody.
I've read a lot of Google references here and the concern about them is legitimate to some degree, they're incredibly greedy for your data, but they do spell out what they collect and all the permissions you can check and uncheck on the latest versions of Android give a really good and rather chilling picture of what they might be picking off of your devices. Some of it you can opt out of, some it's optional but makes your apps suck.
However most of what Google collects is handled by AI, not other people like that really bad date from Tinder you'd rather forget, who happens to work in IT at a company Google does business with.
That being said, I don't assume any level of privacy whatsoever and really do imagine some goober has the capability to sit at his desk somewhere laughing his butt off that I looked up whether Bebe Rexha ever had a nose job. Which I did exactly that yesterday, because I sometimes wonder about these things when people have really great noses, with my own nose being such a trainwreck and all.
For the record she denies it, but I have my doubts.
Actually nosy analytics snooping has always been around and I knew it was just exactly this nosy. They tell you if you read the fine print on most of these apps. I always decline to participate in sending analytics data if they ask.
What's new to me is that sensitive authentication data might be visible some of the time and seen by actual humans. Yikes. Who wants that? Nobody.
I've read a lot of Google references here and the concern about them is legitimate to some degree, they're incredibly greedy for your data, but they do spell out what they collect and all the permissions you can check and uncheck on the latest versions of Android give a really good and rather chilling picture of what they might be picking off of your devices. Some of it you can opt out of, some it's optional but makes your apps suck.
However most of what Google collects is handled by AI, not other people like that really bad date from Tinder you'd rather forget, who happens to work in IT at a company Google does business with.
That being said, I don't assume any level of privacy whatsoever and really do imagine some goober has the capability to sit at his desk somewhere laughing his butt off that I looked up whether Bebe Rexha ever had a nose job. Which I did exactly that yesterday, because I sometimes wonder about these things when people have really great noses, with my own nose being such a trainwreck and all.
For the record she denies it, but I have my doubts.LOL, where's the privacy? The "Privacy'?? Turns out the App Store is just like any other regular App Store.
#whathappensinyouriphonestaysonthirdpartyservers
#whathappensinyouriphonestaysonthirdpartyservers
Finally someone who understands it fully. Thought I was the only one.there is actually no screen recording. It’s assemled as a video. You can do this on almost all platforms, websites, android etc. This is not actually recording your screen, that would require your permission.
There is no screen recording! For that you do have to provide your permission. For instance if the system keyboard came up while you were in one of those apps, that would not be part of the supposed “screen recording”. Simply put there is no issue here; people ar being mis informed by the misleading term “screen recording”, there is no screen recording
There's a saying... "Life's a ..." You can imagine the rest. Apple deserves this, not for what you and the other gentleman pointed out, but Apple's froufrou commentary on privacy when they can't inspect submissions to the App store. That's laziness.
Besides, I doubt the NSA hasn't bypassed any and all of Apple's security measures without Apple being aware. I'm sure there's an analyst out there watching people doing something through the lens of their camera.
There is not a lot that can be done with data being harvested by legitimate apps using legitimate apis, sent to some back-end and then sent off from there. It's a scummy business practice, but with millions of apps in the store a list of 8 is not very long. (It would be better with disclosure)
Hopefully Apple deals with these, but I don't think much can be done except public shame.
Thankfully I don't use any of those apps.
I'm not sure you can get that when taking a self screenshot. I'd have to test that.
My guess is that this worked by continuously grabbing self screenshots. If so, it's ugly and careless but not insanely bad. An app can read passwordField.text, for instance. That's how apps work.
I'm just trying to think of how this would work without private API, which presumably they don't have access to.
The assumption being it's just these 8. I suspect there's more, honestly. A while back Apple revoked a few apps that were simply spying on people. Android has this problem, too, but at least those stick out like a sore thumb. Crap and illiterate reviews coupled with a Mickey Mouse rendition of an app done by someone who was likely tripping on acid.
The session recreation, in and of itself, may sound creepy, but it's not. As others have stated, it's been used for years and for valid reasons.
Worry about this:
Too many companies of late have been allowing data leakage, both internally, and when collaborating with third parties (Ring, for a recent example).
Worry about this:
Too many companies of late have been allowing data leakage, both internally, and when collaborating with third parties (Ring, for a recent example).
That’s why Apple should clarify and/or push the devs of those apps to come clear and tell people what they do and do not do.
Time for Apple to break out the Lawyers and sue them into the ground!
[doublepost=1549507442][/doublepost]
[doublepost=1549507442][/doublepost]
Greed always finds a way, unfortunately.