Uber Caught Tracking iPhone Users Through Their App
Uber caught tracking iPhone users
According to new allegations, Uber has been secretly tracking iPhone users through the Uber app.
Not only has Uber been tracking iPhone users without their knowledge, but they’ve also tried to hide it from Apple, suggesting that Uber knew they were breaking the Apple App Store terms of service.
The allegations are related to a period during 2014 and 2015. Allegedly, Uber used digital fingerprinting techniques to track users after they had deleted the Uber application.
According to Uber, the company used this technique to stop malicious users from removing the Uber app and then reinstalling it under a fake name.
When asked about the case, Uber responded by saying, “We absolutely do not track individual users or their location if they’ve deleted the app… Being able to recognize known bad actors when they try to get back onto our network is an important security measure for both Uber and our users.”
Essentially device fingerprinting can be used to track a device by using its MAC address, device build information, and browsing habits. This is a strategy that is often used to help app marketers cross the app-web barrier that exists each time a smartphone user taps an advert to be brought to a web page. It helps algorithms to identify when a user follow throughs with certain actions.
Typically, this type of device fingerprinting is acceptable within the app store, however, because of the way in which Uber used the feature, it directly impacted Apple’s terms of service, which are aimed at protecting consumer privacy.
At this point, Uber could have stuck their hands up and made changes to their system. However, instead, Uber used tactics to try and hide their device fingerprint from Apple. Uber adjusted their application so that when a iPhone used the app from within Apple’s physical location in Cupertino, the device fingerprinting code wouldn’t activate.
This technique is well-known in the industry as geo-fencing, and when Apple engineers started to notice the app behaving differently whilst they used it outside of Apple’s headquarters, Uber’s geo-fencing features became apparent.
This sneaky behavior even caught the attention of Apple CEO Tim Cook, and Cook called Uber CEO Kalanick to his offer to personally ask him to remove the code from the iOS Uber app. Cook also mentioned that the app would be removed from the Apple app store if Kalanick didn’t remove the feature and the device fingerprinting feature from Uber’s app immediately.
Uber has often been in the news for their questionable business practices. As an example, in countries where Uber has been restricted, specific code was created to throw off government officials. The code would work to identify authorities and specifically send out ‘ghost cars’ when they attempted to use the app to request an Uber drive.
Essentially a car would drive towards the user in the app, but no car was ever connected to the car in the first place.
Uber has proven to be a revolutionary service, but their business practices leave us worried. With such a lack of transparency, there’s no questioning where Uber’s moral code lies. What’s to stop a company like Uber, which has millions of users worldwide, implementing other privacy breaching tools such as SMS tracking, app tracking, or location tracking?