Glassbox
Glassbox is an Israeli software company.[2][3][4][5] It sells session-replay analytics software and services.[1][6]
Type | Private company |
---|---|
Industry | Software |
Founded | 2010 |
Founders | Yoav Schreiber, Yaron Gueta, Hanan Blumstein[1] |
Headquarters | London, United Kingdom |
Website | www |
History
As of October 2018, Glassbox had raised US$32.5 million of capital funding. In exchange for investing in Glassbox, Washington, DC, equity firm Updata Partners was given two Glassbox board seats.
In April 2020, Glassbox raised US$40 million in series C funding.[4]
In October 2020, Glassbox acquired its rival SessionCam.[3]
Privacy concerns
Last year, we published an expose about how Glassbox’s SDK was being adopted by some customers, where they were not fully disclosing to their own customers just how their online actions were being monitored and tracked in the name of quality control; and how and if sensitive data was being sucked up in the process. It turns out that the story did open up some cracks and help both Glassbox, its customers, and platform operators like Apple and Google (in the case of apps) get on the same page with how well these tools worked, and when.
— Ingrid Lunden, Glassbox raises $40M to track and optimise web user experience, a year after getting dinged over transparency, April 2020[7]
From at least as early as October 2018, Glassbox promoted its software as allowing its customers' websites or mobile apps to "see exactly what your customers do in real time".[8][1][6][4][5] This prompted some Twitter users to express privacy concerns about Glassbox's software.[9][8]
In February 2019, TechCrunch reported that numerous popular applications in Apple's iOS App Store used Glassbox software to record users' activities without the users' informed consent, which compromised users' privacy and contravened the rules of the iOS App Store.[10][11][12] The affected apps included ones published by Abercrombie & Fitch, Air Canada, Expedia, Hollister, Hotels.com, and Singapore Airlines.[13]
In response, Apple told app developers that if they continued to flout the rules of the iOS App Store, their apps would be removed from it.[14][15][16] However, it was not clear whether Apple's request was heeded.[17]
Following TechCrunch's investigation, security researchers from Symantec's enterprise mobile threat division found 277 iOS apps and 291 Android apps that employed Glassbox software, including a number of banking and credit card apps, "putting a user's financial information at risk of exposure".[18] Google, whose Play Store is the Android counterpart of the iOS App Store, did not comment on whether it would expect Android app developers to remove session-replay functionality.[19][20]
Anti-malware company Avast observed that using session-replay analytics "without even mentioning it is not right, and probably illegal in some countries."[21] Computer science professor Thomas Keenan, author of the book Technocreep, suggested that people who do not want a company to record their data like this should delete the app concerned.[22] IT Pro reported that Glassbox retains session, demographic, and location data for up to 24 months, categorizing it by age, gender, and interests, and may combine it with other information obtained from other companies.[23]
References
- "Glassbox now supports more than One Trillion Customer Journeys annually". The Retail Bulletin. 2021-03-10.
Glassbox, the leading digital experience analytics provider for web and mobile applications, today announced another year of significant growth and a milestone of supporting more than one trillion digital journeys annually. In 2020, the company saw additional investment, strategic personnel appointments and business growth.
- "Glassbox Ltd - Company Profile and News". Bloomberg.com.
- "Glassbox Acquires SessionCam and Accelerates Vision to Deliver Frictionless Digital Journeys". Yahoo! Finance. October 15, 2020.
- Wiggers, Kyle (2020-04-07). "Glassbox raises $40 million to track customer journeys with AI". VentureBeat.
Glassbox, which designs automated solutions to optimize web and mobile apps, today announced that it raised a $40 million funding round. Glassbox's investments in AI and machine learning manifest in its customer behavior and churn prediction, real-time fraud detection and prevention, and anomaly detection systems, and they could help enterprise clients anticipate issues within apps before they impact the bottom line. Perhaps more importantly, they could enable triaging teams to mitigate problems such as crashes, bugs, or downtime before they occur.
- "FinovateEurope 2020 – Glassbox". Finovate.
- Orbach, Meir (2020-04-20). "Top Israeli Startups 2020: Most Promising Logistics and E-Commerce Companies". Calcalist.
- "Glassbox raises $40M to track and optimise web user experience, a year after getting dinged over transparency". techcrunch.com/2020/04/07/glassbox-raises-40m-for-tools-to-track-and-optimise-web-user-experience/. 7 April 2020.
- "Glassbox on Twitter: "Imagine if your website or mobile app could see…". Twitter. 2018-10-16. Archived from the original on 2019-02-05. Retrieved 2020-12-10.
Imagine if your website or mobile app could see exactly what your customers do in real time... This is Glassbox.
- Vaas, Lisa (2019-02-08). "iPhone apps record your screen sessions without asking". Naked Security. Sophos.
The answer from one Twitterer: "unacceptable surveillance." From another: "A perfect nightmare for humanity."
- Schroeder, Stan (7 February 2019). "A bunch of popular iPhone apps silently record your screen, report claims". Mashable. Archived from the original on 2020-11-07. Retrieved 2019-02-08.
- Lawler, Richard (2019-02-07). "Did you know these iPhone apps record your screen while you use them?". Engadget. Archived from the original on 2019-02-08. Retrieved 2019-02-08.
- Campbell, Mikey. "Popular iOS apps use Glassbox SDK to record user screens without permission". AppleInsider. Archived from the original on 2019-02-07. Retrieved 2019-02-08.
- Clover, Juli. "Some Popular iPhone Apps Secretly Record Your Screen for Analytics Purposes". MacRumors. Archived from the original on 2019-02-06. Retrieved 2019-02-08.
- Whittaker, Zack (2019-02-07). "Apple tells app developers to disclose or remove screen recording code". TechCrunch. Archived from the original on 2019-02-07. Retrieved 2019-02-08.
- Palladino, Valentina (February 8, 2019). "Apple to developers: disclose screen recording or get booted from App Store". Ars Technica. Archived from the original on 2019-02-08. Retrieved 2019-02-08.
- Griffin, Andrew (February 8, 2019). "Apple tells apps secretly recording what users do on iPhone to stop immediately". The Independent. Archived from the original on 2019-02-08. Retrieved 2019-02-08.
- Reisinger, Don (2019-02-08). "Apple Reportedly Threatens to Take Down Apps that Secretly Record Users' Activity". Fortune. Archived from the original on 2019-02-08. Retrieved 2019-02-08.
It's unclear whether the affected apps, which include some of the more popular retail and travel brands in the App Store, have complied with Apple's request.
- "App Analytics SDKs Could Expose Sensitive Data". symantec-enterprise-blogs.security.com.
- Davis, Jessica (2019-02-11). "Apple Tells App Developers to Disclose or Remove Screen Recording Code". Security Today. Retrieved 2020-12-11.
Glassbox can also be used by Android app developers, but Google has not commented on whether it would also ban the screen recording code.
- Henderson, Rik (2019-02-08). "Apple will remove screen recording apps if they don't own up". Pocket Lint. Retrieved 2020-12-11.
The third-party analytics tool in question is provided by Glassbox and is also present in Android apps. Google is yet to comment, although its own rules are similar to Apple's: "Apps must not hide or cloak tracking behaviour or attempt to mislead users about such functionality," they contain.
- Avast Security News Team (2019-02-07). "iPhone apps record your taps". Archived from the original on 2020-10-26.
- "Air Canada app records your personal information — and you may have no clue". Global News.
- "Widely-used iOS apps recording screens without user permission". IT PRO.