Apple gave Uber ‘disturbing’ access to users’ iphone data
APPLE granted Uber the unprecedented and “disturbing” ability to record what was displayed on customers’ iphone screens, researchers have found.
The taxi app company was given what appears to have been special permissions that let it see what was happening on users’ devices at any time, even while a different app was open, according to Sudo Security Group.
It could do this by accessing the colour data of every pixel on the display, meaning it could theoretically see what a user was doing.
If it had wanted to, Uber, or someone who had access to its system, could have monitored customers’ passwords and tracked their use of other taxi apps.
The iphone maker gave Uber the extensive access, which could amount to an invasion of privacy if used to monitor devices, to improve how the app worked with the Apple Watch.
“It looks like no other third-party developer has been able to get Apple to grant them a private sensitive entitlement of this nature,” Will Strafach, the chief executive of Sudo Security Group, told Gizmodo. “Considering Uber’s past privacy issues I am very curious how they convinced Apple to allow this.”
Uber said the “entitlement” was used to enhance its Apple Watch app as earlier versions couldn’t render maps.
“But it has been dormant for quite some time,” a spokesman said.
The company said that the function isn’t connected to any of its current features.
“We are working with Apple to remove it completely as soon as possible,” it added.
But experts said the privilege was “disturbing” and criticised Apple for having granted it to Uber without making customers aware.
Jim Killock, the executive director of the Open Rights Group, said: “Uber has not proven itself a trustworthy company either to regulators or consumers.
“It’s disturbing that they could have been able to use this to access information about competitors’ products, regulators, or personal information.”