Apple is Planning to Take Action Against Apps That Secretly Record Your iPhone’s Screen

If you think that the process of iPhone App Development is fully secure and everyone doing it follows all of the Apple’s App Store Guidelines, then read this article to know how many app developers are not following them properly. Recently there was TechCrunch’s report that there are certain iOS apps which are using technology from a company called Glassbox to record the activities of a user who uses their apps.

Actually there are many apps and online services you use which sometimes gather your data and use it for analytics or advertising purposes. These were not at all a problem or major issue. These apps were following the guidelines about whether to ask you for permission, whether your data is used fairly and in accordance with the law and whether it is transferred and stored securely.

It is the responsibility of the iOS App Development Company to follow the guidelines laid out by Apple for them. But the recent TechCrunch investigation and report claims that some of the popular iPhone apps fails on these things. Apps from companies like Air Canada, Expedia, Hollister and Hotels.com record everything you do on your phone’s screen while you use them without asking for your permission.

TechCrunch has done this investigation in collaboration with an analytics company App Analyst and has said that these apps use technology from a company called Glassbox, which creates so called “session replays”, letting app owners see exactly how their customers are behaving while using their apps.

Now when businesses Hire iOS App Developer then they should make sure that he is not using Glassbox technology to spy on the data of the users in the pretext of doing analytics. Experts at App Analyst company found about how some of these iOS apps are sending this data and how not all of them properly masked sensitive data such as passwords or other personal information of the users. They further said that in the particular case of Air Canada’s app, there was an instance in which the app even sent the customer’s credit card information without encrypting it. TechCrunch further says that none of these apps ever warned the users about what they are doing while recording their actions and they also didn’t mention it in their privacy policies.

Glassbox - the technology behind these actions clearly tell about their service. Their Twitter handle says, "Imagine if your website or mobile app could see exactly what your customers do in real time, and why they did it? This is Glassbox." Also in a recent tweet, Glassbox boasted about signing a deal with Air Canada which is one of the company which TechCrunch has found guilty of doing these activities of secretly recording user’s phone screen.

Air Canada actually accepted to TechCrunch what it is doing. It says that it is indeed collecting "user information entered in, and collected on, the Air Canada mobile app." The company does this to "ensure we can support their travel needs and to ensure we can resolve any issues that may affect their trips.”

After these TechCrunch’s reports about how certain iOS apps are using technology from Glassbox company to record everything a user does within the app, Apple became highly concerned about it and it has already told the app developers that they either need to disclose this to users or face getting banned from the Apple’s App Store.

"Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity. We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary,” an Apple spokesperson told TechCrunch.

As per TechCrunch, Apple is sending developers an email saying that apps "must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity." The company has reportedly given developers less than a day to remove Glassbox's code from their app and resubmit it. Otherwise, the app would be removed from Apple's App Store at any time.
In response to these developments, Glassbox says that the company’s goals are "to improve online customer experiences and to protect consumers from a compliance perspective." The company says it's a strong supporter of user privacy and security, that it "meets the highest security and data privacy standards" and that it provides its customers (the app developers) with tools to mask "every element" of personal data. Furthermore, Glassbox says it believes its customers should have "clear policies in place so that consumers are aware that their data is being recorded."
Glassbox clarifies that the problem is not due to its technology but because of its poor implementation. It says that the problem lies mainly with some of the app developers who use its technology, firstly because they don't disclose it to their users, and secondly because they haven't implemented it correctly. Whatever is the case, it is good that finally Apple is taking actions against the irresponsible use of this technology by first warning the companies which are using Glassbox technology and then taking actions against such apps by even not hesitating to ban them from the App Store.
Glassbox told TechCrunch that it "cannot break the boundary of the app," but it did say it has a "unique capability to reconstruct the mobile application view in a visual format," which it calls "another view of analytics." Although Glassbox is not the only company which provides such kind of service. There were some Android based apps too which provided similar technology or service and it was later found that they were too used in such a way that’s not always transparent to the users. So the problem is not only with some of these iOS based apps but the same problem has also been faced with some of the Android apps as well.

Conclusion

The thing to note here is that, most of these companies are trying to give explanation for their this kind of act. When asked, they say that they are only using their users’ data to improve their user experience only. But even if their intentions are pure and legal, they should still disclose exactly what they are doing, take permissions from the users about such kind of their acts of secretly recording their phone’s screen and moreover they should take every measure possible to protect their users’ sensitive data. But till now these companies have not done anything like these things and hence Apple may ban many of these apps in near future which is actually a good step in this kind of situation as it will restore the confidence of users while using many of such iOS apps.