Apple Warns App Makers Recording iPhone Screens

Yolanda Curtis
February 9, 2019

Apple has investigated claims that some iOS apps secretly record your screen as you use them, telling developers that use such code that they could be removed from the App Store. It uses "session replay" technology that lets a developer record and capture everything you do in the app. But it's not the only app to gather information about what users are up to, and to feed this back to developers.

So basically, with the help of Glassbox and other similar session replay services, companies are essentially monitoring every move you make on their app. App developers are now being told to either remove or disclose their use of codes in their app, which screen records the users' interaction within a particular app, under the App Store guidelines. If any of Glassbox's customers are not correctly masking data, it could be problematic, The App Analyst told TechCrunch.

The Glassbox software uses a feature called session replay, which makes it possible for developers to take screenshots or even create a recording of the user activity. For the most part, not withstanding bugs like the FaceTime one exposed by a teenager, Apple does a good job of telling you when an app is accessing personal data such as location services or contact information.

The corporations in question include Air Canada, Hollister and Expedia, as well as Abercrombie & Fitch, and Singapore Airlines. There's literally no way a user can know their screen was being recorded all this time. In Air Canada's case, the TechCrunch investigation did not find any mention in its privacy policy that suggests the app sends screen data back to the airline.

TechCrunch asked each company where in their privacy policies it allows them to capture what users do on their phones.

Among other companies, sending their "session replays" to Glassbox were Hollister and Abercrombie & Fitch, while Expedia and chose to send them to their own domain server.

The company does this, its spokesperson said, to "ensure we can support their travel needs and to ensure we can resolve any issues that may affect their trips".

In August of 2018, Air Canada reported that its mobile app suffered a data breach, resulting in the profile information of 20,000 users, including passport numbers and other sensitive data, being leaked.

In a recent tweet, Glassbox boasts about signing a deal with Air Canada, one of the apps TechCrunch has found to be among the worst offenders.

The other companies did not respond to requests for comment from the tech news site. In addition, Glassbox has stated that its service is meant to help its clients improve the user experience on their apps and nothing more. Finally, Glassbox says it provides its customers with "with the ability to mask every piece of data entered by a consumer, restrict access to authorized users, and maintain a full audit log of every user accessing the system".

Other reports by iNewsToday