The Burger King application has been suspected in the video recording of credit card data

The user "Habr" under the pseudonym fennikami drew attention to some interesting features of the mobile application Burger King. "Today, my hands have reached the raspiarennogo and the popular application Burger King (the same where" burger – free "," naidalovo "and promotional codes for friends)", – the author of the investigation begins.

first of all, the application traffic. It turned out that after the device sends data to the server, the video recording instruction of the user device screen responds [19659002] "And the MaxVideoLength parameter (maximum length of the video) is specified" 0 ", which means infinite recording while the application is running). to say that the application not only saves the screen, but transmits it continuously and continues in the same way to the server. Mobile Internet users (almost all ) appreciated this "feature", I think, explains Fennikami.

He discovered that the file is kept and that the user enters all the data of the payment card. Fennikami notes that not only Burger King application developers, but also the partners of the AppSee badytical platform, as well as the adm service administration itself, have access to recorded videos

CNews attempted to comment on the press service.

Update

The mobile application of Russian Burger King does not collect personal data from users, information about their behavior in the application do not contain no banking data, and all transactions are secure, with "RIA Novosti" bschaet in reference to Burger King.

'Burger King mobile application to order the removal does not collect personal data of its subscribers. All transactions are safely protected by one of the best acquirers in the country – "Yandex.Kbada". Data on the behavior of users in the application do not contain information on credit cards and are not stored on the server, " – told the digital director" Burger King Russia "Sergei Ocheretin , whose words have led to the company.He stressed that these data are impersonal and encoded so that it is impossible to obtain personal information from them.

Our channel in Telegram.

Quick communication with the editor: read the chat Onliner public and write us at Viber!