The Burger King application can secretly record data from the smartphone on which the app is installed.
An amateur 18-year-old IT specialist, known for his moniker as fennikami, studied the program code of the application. Having analysed the traffic of the mobile application for iOS devices, the young man found that the mobile client continuously captures both images, all input data and even the movement of fingers on the screen to make it possible to compare all this data. The specialist concluded that the application secretly records video from the screen of the smartphone, including at the time when a person inputs their bank details to pay for their order.
The video recording starts from the moment the user opens the application for the first time and runs continuously before all the recordings are sent to the server. The video recording does not stop even when a person uses other apps, but the Burger King app remains open.
The author posted the results of his research on the Habr website, saying that it is not only the developers of the Burger King app that have access to recordings made from users' phones, but also partners of the AppSee platform, where the records are sent. AppSee measures user activity and evaluates their interaction with the applications. In addition, video recordings become available for viewing to specialists of Yandex.Metrica and Chashlytics.
Thus, fennikami concluded, the number of those who can view all the actions of Burger King app users counts hundreds of people. The young man is certain that the app secretly records videos even at the moment when Burger King customers enter their card details.
The press service of Burger King Russia has not commented on the situation yet.