Travel

Air Canada's mobile app is recording your location, passwords and credit card information

  • Last Updated:
  • Feb 9th, 2019 5:19 pm
[OP]
Deal Addict
Aug 17, 2008
2815 posts
1778 upvotes

Air Canada's mobile app is recording your location, passwords and credit card information

The App Analyst (http://theappanalyst.com/aircanada.html) has an in depth article, including a video of how "Air Canada's mobile app, which allows their customers to book and manage flights, tracks users with Glassbox Digital analytics. This enables Air Canada to determine device characteristics, collect precise location information, and take screenshots of the users' device."

Other companies using Glassbox include, Singapore Airlines, Expedia, Hotels.com, Expedia, Abercrombie & Fitch and Hollister,

Techcrunch has an article on the broader use of Glassbox, https://techcrunch.com/2019/02/06/iphon ... reenshots/

h/t to Engadget and for posting a response from Glassbox
9 replies
Deal Addict
User avatar
Aug 14, 2001
3638 posts
1586 upvotes
Yesva Scotia
I'll never fly with Air Canada again! Face Screaming In Fear
Deal Addict
Mar 1, 2016
1092 posts
394 upvotes
toronto
so when I use it, it will give me nearest airport as departure flight and I won't have to enter my credit card info ?
Deal Addict
User avatar
Feb 14, 2009
1280 posts
514 upvotes
b0ne wrote:
Feb 8th, 2019 8:46 am
I'll never fly with Air Canada again! Face Screaming In Fear
Yes, and I never will use cells, credit cards and internetS !
They all devil means to steal our souls and sell them to
marketing companies. And hackers will steal our souls from
marketing analytics...

S.O.S.

Cheers!
Deal Guru
User avatar
Jun 12, 2007
14279 posts
3608 upvotes
London
foreigncontent wrote:
Feb 8th, 2019 9:25 am
so when I use it, it will give me nearest airport as departure flight and I won't have to enter my credit card info ?
Reading the article, it looks like the problem is that air Canada is storing screenshots of the app as you use it. One of the screens they save has your credit card information. It’s suppose to be blanked out, but it can be easily recovered.

Credit card information is supposed to handled in compliance with PCI standards. These screenshots aren’t because it’s was wrongly assumed there’s no credit card info.

If the database where these screenshots are stored becomes exposed, all the credit card info will become public just like what happened at NCIX. (Ie air Canada disposes of an old server without wiping the data, there’s credit card info that will be exposed)
Deal Fanatic
Feb 15, 2006
8331 posts
2614 upvotes
Toronto
tequilla wrote:
Feb 8th, 2019 10:34 am
Yes, and I never will use cells, credit cards and internetS !
They all devil means to steal our souls and sell them to
marketing companies. And hackers will steal our souls from
marketing analytics...

S.O.S.
You can't get away. Check the chip in the back of your neck.

You didn't know? It's standard procedure in the hospital (to install), unless you were born in the jungle and never went to hospital.
Deal Addict
User avatar
Sep 22, 2005
3229 posts
2297 upvotes
Ottawa
Thanks for the alert OP about this and Glassbox. I don't have AC app but will keep that in mind about other apps.
Penalty Box
Feb 22, 2016
3361 posts
2557 upvotes
b0ne wrote:
Feb 8th, 2019 8:46 am
I'll never fly with Air Canada again! Face Screaming In Fear
And you should swear off Apple and Google products too while you're at it, if being totally incognito is so important to you... better yet, swear off the Internet and the grid and go live in the woods like the Unabomber. Then you KNOW you're "safe"...
Friendly reminder: South Street is the second coming of Licks, and Works Burger is a bad ripoff of Red Robin put out by those purveyors of garbage, MTY Shit Restaurants Group.
Deal Expert
User avatar
Aug 18, 2005
18715 posts
3332 upvotes
GTA West
This is like the next Carrier IQ 'rootkit' scandal.

More like this is a toolkit used to debug applications and figure out what users are doing, so software can be improved and problems can be resolved.
Recording the sensitive information is more like a side effect. I'm not saying I agree with it or that it's right, but I can say there's probably no malice involved here.
Deal Guru
Feb 7, 2017
10136 posts
7434 upvotes
Eastern Ontario
Lots of Apps if one enable them as they come
WITHOUT making modifications on your own device
Have access to just about anything / everything you have on that device

It’s up to you the Consumer to know this
And then limit the App’s access

CBC Marketplace did a very interesting report on this issue
https://www.cbc.ca/marketplace/episodes/2015-2016/apps

Top