Princeton Study Explains how Popular Websites Track every Mouse Click and Keystroke Using Session Replay Scripts

Technology > IT

Photo By CCO License via PEXELS
 
 

Princeton University’s Center for Information Technology Policy presented a study that shows how hundreds of popular websites can capture a user's data through a keylogging software.

According to the New Jersey-based interdisciplinary center, everything the users click and type in popular websites is recorded through a keylogging software. The study revealed that most well-known websites use session replay scripts, bits of codes given by third-party servers to help operators understand the manner in which their visitors interact in the website and allow the websites to re-enact the user’s browsing sessions the moment they visit the same site again.

The study reported that out of the 50,000 most visited websites, 482 of them employ session replay scripts, involved in some form of data sharing and collection, and normally have no clear disclosure.

Princeton University’s Ph.D. candidate Steven Englehardt wrote in the study that the collection of web pages contains third-party scripts that may potentially leak sensitive information, including personal details, credit card data, and medical conditions.

“This may expose users to identity theft, online scams, and other unwanted behavior. The same is true for the collection of user inputs during checkout and registration processes,” wrote Englehardt.

Privacy researcher Shkan Soltani commented that majority of online users are not even aware that when they interact with a website, their information is being shared with 40 or even 100 third parties.