Disclose Screen Recording or Get Booted from App Store

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457
Apple has begun notifying developers who use screen-recording code in their apps to either properly disclose it to users or remove it entirely if they want to keep their apps in the App Store. The move comes after a TechCrunch report showed that many apps do not disclose such activity to users at all, and some sensitive user data has been compromised through screen recordings.

"Protecting user privacy is paramount in the Apple ecosystem," an Apple spokesperson told TechCrunch. "Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity." The initial report highlighted third-party analytics code used by Air Canada, Expedia, Hotels.com, Hollister and other companies in their mobile apps that allows them to record the screens of users while they navigate the app. These "session replays" are designed to help developers work out kinks, make informed UI decisions, and better inform them on how users are interacting with their apps in general. However, many apps do not tell users that their activity is being monitored by screen-recording code. Also, some session replays reportedly compromised sensitive user information. While they are designed to mask such data, TechCrunch reported that Air Canada's app was not properly masking information such as users' passport and credit card numbers.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top