istock-anyaberkut-875258378.jpg
(Credit: anyaberkut/iStockphoto)

TechCrunch discovered popular iPhone apps Abercrombie & Fitch, Hollister, Expedia, Hotels.com, Singapore Airlines and Air Canada were tracking everything users were doing in their apps.

Some of the apps were using customer experience analytics firm Glassbox's "session replay" technology. Session replay allows the developers to see and record every tap, swipe and keystroke the user makes.

Glassbox is designed to mask sensitive information like credit card numbers, but not all the apps using it are masking the data fields properly. Screen recordings are sent back to app developers through Glassbox's servers. This means anyone with access to those servers could see your unmasked sensitive data.

SEE: How Spotify, Yelp, and other popular apps use tools to track you even after you uninstall them

Additionally, app developers aren't required to tell users about the surveillance or potential risks under Glassbox's policies.

"Imagine if your website or mobile app could see exactly what your customers do in real time, and why they did it?" Glassbox's bio reads on Twitter.

None of the apps that were found to be recording their users' screens said they were doing so in their privacy policies.

But when questioned about it, Abercrombie & Fitch and Singapore Airlines cited similar reasons for using Glassbox.

Both companies told TechCrunch that using session replay helped them create a better experience for users and troubleshoot errors.

Glassbox isn't the only company that provides this service or similar services.

Developers can benefit from knowing what their apps are doing well and where they can improve. However, the steps that some developers take to collect this information can feel intrusive and violate a user's privacy unless developers are clear and upfront about how they collect user data.

FOLLOW Download.com on Twitter for all the latest app news.

Takeaways

  1. Popular iOS apps Abercrombie & Fitch, Hollister, Expedia, Hotels.com, Singapore Airlines and Air Canada were tracking everything users were doing in their apps by secretly recording their screens.
  2. Some of the apps used Glassbox's session replay. This allows the developers to see and record every tap, swipe and keystroke the user makes, but developers aren't masking sensitive data.

Read more

Shelby is an Associate Writer for CNET's Download.com. She served as Editor in Chief for the Louisville Cardinal newspaper at the University of Louisville. She interned as Creative Non-Fiction Editor for Miracle Monocle literary magazine. Her work appears in Glass Mountain Magazine, Bookends Review, Soundings East, and on Louisville.com. Her cat, Puck, is the best cat ever.