Hundreds of websites record your every keystroke without you knowing | #CyberSecurity #Privacy #SessionReplay #Awareness #BIGDATA | ICT Security-Sécurité PC et Internet | Scoop.it
Hundreds of websites record your scrolling behavior, clicks and movements according to a study recently carried out at Princeton University. Among these are The Guardian, Reuters, Samsung, AlJazeera and WordPress.com.

Most of us are aware that our searches, page views and even page scrolls are documented, but the report sheds light on how intricate that tracking can be. Using something called “session replays,” they record keystrokes and movements a user makes while they navigate a page — basically “looking over your shoulder,” but virtually.

The study, carried out by Princeton’s Center for Information Technology Policy, focused on some of the main companies that offer session replay services: SessionCam, UserReplay, FullStory, Clicktale, Yandex, Smartlook, and Hotjar.

It’s important to understand why this is dangerous — apart from straight-up invading your privacy. The report pointed out that most of these services directly exclude password input fields from recordings, but a lot of the time mobile-friendly forms are not redacted on the recordings, and end up revealing sensitive information, including passwords, credit card numbers, and even credit card security codes.

The report explains, “All of the companies studied offer some mitigation through automated redaction, but the coverage offered varies greatly by provider. UserReplay and SessionCam replace all user input with an equivalent length masking text, while FullStory, Hotjar, and Smartlook exclude specific input fields by type.”

This kind of information is usually shared when a user is signing up for a service or making a payment, and is expected to be completely confidential.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Session-Replay+Scripts

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Cyberespionage

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Privacy

 

https://gustmees.wordpress.com/2013/12/21/privacy-in-the-digital-world-shouldnt-we-talk-about-it/