Apple’s iOS platform get applaud for its secure environment, but nowadays it is also losing its sheen. In a recent analysis by TheAppAnalyst, a mobile expert has found that some popular iOS apps are recording your screen. Major companies such as Hollister, Expedia, Air Canada, Fitch, and other traveling and tourism-related apps are recording your screen secretly with any consent.
Earlier, the apps tend to record the cookies, user data for the sake of analytics and monetization. Now, they have moved a step ahead and started to record the whole screen without knowing the users. The favorite iPhone apps are recording every action on your phone, along with confidential information. These apps are not even masking the information such as passport number, credit card, and other sensitive data.
The significant chunk of apps like Abercrombie & Fitch use the third party technologies from Glassbox to record the”session replay” technology. In detail, the “session replay” technology allows the companies to play and record the screen. It gives the companies to look at how the user is interacting with the app to improve the app.
Recently, the source said that they have found Air Canda’s iPhone app was recording screen without properly masking the confidential data. It was exposing the user’s passport number, credit card details and sensitive data tot he companies via replay sessions. In a blog post, TheAppAnalayst expert said that “This gives Air Canada employees — and anyone else capable of accessing the screenshot database — to see unencrypted credit card and password information.”
Further, no other app was found to be not masking the sensitive app. The App Analyst used the Charles Proxy, a man-in-the-middle tool used to intercept the data sent. Although as a result, he found that the data is often transmitted back to Glassbox servers rather than the appropriate app server. In the end, he said that it is impossible to know if an app is recording the screen or not. Even the following apps have not cleared about the screen recording in their policies.
Now, Apple has to amend some policies to let users know what is happening on their devices and how Apps are using the data.