Apple is cracking down on iOS apps using code by analytics firm Glassbox to secretly record everything users do within the app, giving them a day to remove the code or warn users they are being recorded.
TechCrunch earlier reported that some apps including Expedia, Hotels.com and Air Canada are using Glassbox's tech without disclosing it to users, which allow the apps to record the screen and have its developers play it back, recording button taps and keyboard entries.
Some apps even transferred sensitive user data without masking or encrypting it.
"Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity. We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary,” an Apple spokesperson told the tech news site.
Apple said it requires apps to "request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity".
The iPhone maker reportedly gave developers less than a day to remove the Glassbox code before resubmitting their apps, or face removal from Apple's App Store.
A Glassbox spokesperson told Mashable that the company's goals are "to improve online customer experiences and to protect consumers from a compliance perspective".
The company says it is a strong supporter of consumers' privacy and security, with its code meeting "the highest security and data privacy standards" as it allows client-developers to mask pertinent details of the personal data collected. It encourages developers to be transparent with consumers so that they are aware their data is being recorded.
It blames some app developers who use its tech for non-disclosure and not implementing the code correctly.