phone
(Photo by Praveesh Palakeel on Unsplash)
  • Popular iPhone apps are recording their users' every tap and swipe, according to a TechCrunch report.
  • According to the report, customer analytics firm Glass box allows its customers to record user activity without disclosing that they are doing so.
  • Glassbox customers reportedly include major companies like Abercrombie & Fitch, Expedia, and Air Canada.
  • Screen recording is so sensitive that historically, Apple does give third-party developers the ability to carry out the practice.

Some popular iPhone apps may be violating Apple's rules by secretly recording every single tap and swipe consumers make while using the apps.

The revelation comes via a TechCrunch report on Wednesday which describes how the customer analytics firm Glassbox allows its customers - which include major companies like Abercrombie & Fitch, Expedia, and Air Canada - to record user activity and use those recording to make product improvements.

Essentially, every time a user taps on the screen, pushes a button, or types on a keyboard within a specific app, that activity is screenshotted and sent to the app's developer.

Other Glassbox customers include Hollister, Hotels.com, and Singapore Airlines, according to its website.

The recordings are apparently only activated when a consumer is inside an app that's using the Glassbox technology, and not when the consumer is going about other business on their phones. But the practice poses problems because, as TechCrunch found, none of Glassbox's customers make mention of screen recording in their privacy policies or iOS terms and conditions. And according to TechCrunch, Glassbox said it does not require customers to mention its usage in their terms.

TechCrunch also raised the issue of what happens when a user enters sensitive information into an app, like credit card or passport numbers. As the report discovered, Glassbox is supposed to obfuscate this information, but that doesn't happen all the time. As a result, sensitive customer data can potentially be broadly exposed to employees responsible for a company's app development, and vulnerable to data breaches.

The practice of screen recording is so sensitive that historically, Apple has not given third-party developers the ability to do so. That's why users were shocked to learn in 2017 that Uber had been provided special permissions by Apple to record their screen and access other personal information without their knowledge.

Read more: Apple's FaceTime has a major bug that lets others listen in on you before you answer the call

"Granting such a sensitive entitlement to a third party is unprecedented, as far as I can tell," Will Strafach, a security researcher who discovered the Uber situation, told Business Insider at the time of the Uber situation. "No other app developers have been able to convince Apple to grant them entitlements they've needed to let their apps utilize certain privileged system functionality."

Apparently, Glassbox has figured out a way around Apple, allowing its customers to embed its technology into their apps without any special permissions.

Glassbox and Apple did not immediately respond to Business Insider's requests for comment.

For more go to Business Insider South Africa.

Receive a single WhatsApp every morning with all our latest news: click here.

Also from Business Insider South Africa: