Malware

All you need to know about Session Replay

Have you ever wondered how you see advertisements of something you searched a moment back on the page you visit or on social media site? Is it a coincidence or websites are tracking you?

Tech savvy users know that scammers use diverse ways to record the information by corrupting machine or by using keyloggers, unsecure network. But do you know many top websites use a technique to track your online activity and collect data? If hackers get access to this data what can happen?

When we use websites for shopping, financial transaction or to get a medical help we enter our name, password, credit card and medical details expecting them to be safe and intact. But sometimes this trust turns out to be just a misconception, as websites use web tracking.

What is Web tracking?

It is the activity taken up by a website to have records of your online visited sites. For this purpose, they use special software tools, at first it may appear that all this is done to improve user experience. But that is not the case they use this data for their personal motive, to keep a check on your browsing activity and to collect information without your knowledge.

Malicious sites alone don’t follow such practice even your favorite sites can do so. Open your eyes and keep a check on what’s going on when you go online.

Recently Steve Englehart, Gunes Acar, and Arvind Narayan group of researchers from Princeton University’s Centre for Information Technology Policy (CITP) found that 482 sites out of 50,000 top websites around the world are using “Session Replay” for web tracking.

Also Read: What is a cyber-attack and how it affected us this year?

What is Session Replay?

It is a new technique adopted many famous, high profile websites to track user online movement. They collect data for analysis to provide better end user experience. But all this is done without user’s consent which makes it look suspicious. Not only this “Session Replay Scripts” records beyond the information users provide to a website. Even the text you type and delete before submitting any form is also recorded.

Session replay scripts records almost everything from keystrokes, mouse movements to the complete web content of the page you visit. This data is then shared with third party servers for analysis. All this pose a serious threat to user’s privacy as third-party replay scripts can collect any data which can make user’s susceptible to identity theft, online scams and other illegal activities.

If the collected data falls into wrong hand then no one knows what will happen as hackers will have access to trove of personal data.

Not only this the data collected by these scripts is not kept anonymous. The companies like FullStory, SessionCam, Clicktale, Smartlook, UserReplay, Hotjar and Yandex provide session replay software that allows website owners to link recording with user’s actual identity.

Also Read: Tips To Stay Safe From Cyber Attacks This Cyber Monday

Data at risk unsafe method

Researchers did deep digging into the matter and found that leading companies which offer session replay software services skip password input field from recording.  But we cannot be sure if the same practice is followed by all other companies.

Companies like SessionCam and UserReplay – don’t collect user data, instead they track the clicks, and offer a dashboard with automatic and manual tools to delete user data. However, this is not the safest approach as some of the user data is collected due to the text inputs which store exposed passwords. This is disturbing as third-party sites may end up collecting user data which has all the personal and confidential details in it.

Top websites are amongst the ones using this technique

Many significant websites use session replay scripts to benefit users but since all this is done without user’s knowledge or a hint user’s privacy is violated by these websites. Also, this increases the chance of data breach.

Besides this fact it is noticed that most companies using the script don’t even know they are using this technique which makes the things graver.

Companies using such software include The Guardian, Reuters, Samsung, Al-Jazeera, VK, Adobe, Microsoft, WordPress, Samsung, CBS News, the Telegraph, Reuters, and US retail giant Home Depot, among many others.

So, if you are logging in one of these websites, you should expect that everything you write, type, or move is being recorded.

Also Read: 12 signs your system has Malware infection

How can users stop this from happening?

Users can setup Do Not Track (DNT) flag in their browsers. But this is not a 100% secure method. As researchers have noticed that commonly used ad blocking lists don’t block FullStory, Smartlook, or UserReplay scripts,” but they do block Yandex, Hotjar, ClickTale and SessionCam.

Finally, the websites hosting session replay scripts might have protected themselves by using encrypted HTTPS protocol, but who knows what session replay boards use HTTP (making it vulnerable) or HTTPS.

Leave a comment