Hundreds of sites use something like keyloggers and record what you type, clicks and moves accordingly with a survey recently held at Princeton University. These pages include Guardian, Reuters, Samsung, AlJazeera and WordPress.com.
Most of you know that your searches, page views and even scrolling a page are being tracked. But research shows just how complicated monitoring can be.
The websites we mentioned above allegedly use what is called “session replays”, or “session replays, ”And helps them record the typing and gestures that each user makes while navigating a page.
The study, conducted by Princeton's Center for Information Policy, focused on some of the main ones Companies that offer session replays services: SessionCam, UserReplay, FullStory, Clicktale, Yandex, Smartlook and Hotjar.
It is important to understand why this behavior is dangerous, in addition to your privacy.
The Princeton study reports that most of these services (resembling keyloggers) directly block password input fields from registrations, but often the forms are mobile-friendly Appliances. Thus very sensitive information, such as passwords, credit card numbers and credit card security codes end up on the pages that use the specific services.
The study explains:
"All the companies studied offer some mitigation through an automated processing, but that changes significantly from provider to service provider. UserReplay and SessionCam replace all user inputs (keyboards) with text of equivalent length coverage, while FullStory, Hotjar and Smartlook completely block these input fields. ”
Note that all of this information is usually shared when a user signs up for a service or makes a payment and is expected to be completely confidential.
Paul Edon, director of security company Tripwire, told BBC News that "the first concern is the legality of recording people's keystrokes without first informing them of the incident. If these sites do not warn the user that they are logging in, then I would categorize it as "illegal activity."
Once again, big names like Microsoft, WordPress.com, Reuters and Samsung are spying on their users' privacy.