around the world

The Burger King application was suspected in video recording of bank card data

User  under the pseudonym fennikami drew attention to some interesting features of the mobile application Burger King. “Today my hands have reached the raspiarennogo and popular applications Burger King (the very one where the” burger – for free “,” naidalovo “and promotional codes for friends), ” the author of the investigation begins.

His attention was drawn, first of all, to the traffic of the application. It turned out that after the device sends data to the server, in response comes the instruction on recording video from the screen of the user device.

“And the MaxVideoLength parameter (maximum video length) is specified as” 0 “, which means – an infinite record (while the application is running). That is – the application does not just record the screen, but does it continuously and exactly the same way continuously sends the record to the server. Users of mobile Internet (that is, almost all) this “feature” appreciated, I think, “ – explains fennikami.

Screenshot of the video extracted from the “Stream” on the AppSee server.

He found out that the record is kept and at the moment when the user enters all the data of the payment card. fennikami notes that not only the developers of the Burger King application, but also the partners of the analytical platform AppSee, as well as the administration of the service itself, have access to the recorded videos.

CNews journalists tried to take a comment in the press service of the Russian Burger King, but the company did not answer the questions asked.

Back to top button