Tuesday, November 12, 2024

People's Daily app for iOS: Privacy Policy links in App Store listing does not lead to a privacy policy

 iOS 18.0.1

People's Daily app for iOS (version 4.2.6)

11/12/2024

Description: 

According to Apple App store rules, "all apps must include a link to their privacy policy in the App Store Connect metadata field and within the app in an accessible manner." 


The People's Daily app for iOS does not follow this rule. The People's Daily app for iOS Apple App store listing links to a bad URL.



Steps to Reproduce:

1. Head to the People's Daily app for iOS listing in the Apple App Store 
2. Scroll down and select either "developer's privacy policy" or "privacy policy"

Result: The "developer's privacy policy" or "privacy policy" links on the People's Daily app store listing do NOT lead to a readable privacy policy 

Expected: The "developer's privacy policy" and "privacy policy" links from the People's Daily app store listing should lead to a readable privacy policy 


Head to the People's Daily Apple App Store listing...


Select the "developers privacy policy" link...


Leads to: https://api.en.pdnews.cn/html/privacyPolicy.html which is not a working privacy policy. 





Posted by at No comments:
Labels: , , ,

Wednesday, November 6, 2024

Pepper - Recipes with Friends app for iOS: Google OAuth Consent Screen: Incorrect App Name of pepperauthprod.auth.us-east-1.amazoncognito.com

 iOS 18.0.1

Pepper - Recipes with Friends app for iOS (version 2.10.1)

11/06/2024

Description: 

The Google OAuth Sign In screen for the Pepper - Recipes with Friends app displays an app name of: "pepperauthprod.auth.us-east-1.amazoncognito.com."

This is not an accurate representation of what the user is signing into. 


Steps to Reproduce:

1. Download the Pepper - Recipes with Friends app for iOS (version 2.10.1)

2. Launch the app - select "Sign Up"

3. From the "JOIN US." screen, select the "Sign up with Google" option 

4. From the Google Sign in screen, note the app name of: "pepperauthprod.auth.us-east-1.amazoncognito.com"

Result: The app name listed on the Google OAuth screen presented by the Pepper - Recipes with Friends iOS app is: "pepperauthprod.auth.us-east-1.amazoncognito.com" - this is an AWS URL and not an accurate representation of what the app's name is. There is no privacy policy or TOS link either 

Expected: The Google OAuth screen presented by the Pepper - Recipes with Friends app should present the name of the app correctly 


Launch the Pepper - Recipes with Friends app for iOS...


Select the "Sign Up" option...


Choose the "Sign up with Google" option...


The app name is: "pepperauthprod.auth.us-east-1.amazoncognito.com"






Posted by at No comments:
Labels: , , ,

Wednesday, October 30, 2024

Smart App Banner bug: myPittCounty iOS app banner: myPittCounty App Banner is Blank

 iOS 18.0.1

Domain: https://pay.pittcountync.gov/

Environment: Mobile Safari 

10/30/2024

Description:

Here's an unusual one that I do not believe that I have ever encountered before. A new app was launched by Pitt County in the State of North Carolina. 

This app is available from the Apple App Store. I wrote a bug about this app yesterday.

When the user visits https://pay.pittcountync.gov/ using Mobile Safari on an iPhone, they are presented with a "Smart App Banner" which is supposed to display an image of the app and an option to either:

  • Download the app if it isn't on the device
  • Open the app if the app is downloaded on the device
There's a problem, however. 

Take a look at this screenshot:


The Smart App Banner displayed by pay.pittcountync.gov is completely blank. This shouldn't be happening. 


Steps to Reproduce:

1. On an iPhone running iOS 18.0.1 navigate to pay.pittcounty.gov
2. Note the blank banner at the top of the screen 
3. Navigate to the app store and download and user the myPittCounty app for iOS
4. Navigate again to pay.pittcounty.gov
5. Note the blank banner at the top of the screen

Result: The Smart App Banner displayed at the top of pay.pittcounty.gov is blank 

Expected: The Smart App Banner displayed at the top of pay.pittcounty.gov should never be blank 



Posted by at No comments:
Labels: , ,

Monday, October 28, 2024

myPittCounty for iOS: Google OAuth Consent Screen: Incorrect App Name of project-191509807296

 iOS 18.0.1

myPittCounty app for iOS

10/28/2024

Description:

Here's a common problem with Google Oauth consent screens. On the Google Oauth screen presented by the myPittCounty app, the correct app name is not listed. Take a look at how it appears:




This goes against Google's own rules


Steps to Reproduce:

1. Download the myPittCounty app for iOS

2. Navigate to the log in page

3. Select the Google logo

4. From the "myPittCounty" Wants to Use "google.com" to Sign in" prompt, select "Continue"

5. From the consent screen, note the app's name isn't listed (instead it says "project-191509807296")

Result: When accessed via the myPittCounty iOS app, the Google Oauth consent screen does not display the name of the app. The app is represented as: "project-191509807296"

Expected: When accessed via the myPittCounty iOS the Google Oauth consent screen should display the correct name of the app 


Download the myPittCounty app from the app store and launch it...


Select the Google option here...


Select "Continue"...


No name of the app: just a project name. 



Curiously the Google Oauth consent screen is taken to in the app is not the same Oauth consent screen that the user is taken to when accessed via the web. The web login can be accessed here






Posted by at No comments:
Labels: , ,

Sunday, October 13, 2024

Pluckers app for iOS: Privacy Policy link in App Store listing lead to a 404 Page

 iOS 18.1

Pluckers Club app for iOS (version 2.1.62)

Date: 10/09/2024

Description:

An app called Pluckers Club for iOS has a bad Privacy Policy link in the Apple App Store listing for the app.


The Privacy Policy link leads to a page that looks like this:


This is the URL in question: https://www.pluckersclub.com/MemberNew/TermsAndConditions/Terms.aspx

Steps to Reproduce:

1. Head to the Apple App Store listing for the Pluckers app for iOS

2. Click on the "Privacy Policy" link 

Result: The "Privacy Policy" link on the Pluckers app for iOS detail page in the Apple App Store does not work - it leads the user to a URL that displays a "Server Error in '/' Application" error message 

Expected: The "Privacy Policy" link for the Pluckers app for iOS displayed on the detail page in the Apple App Store should always work and take the user to a valid privacy policy 


Pluckers app in the Apple App Store




Below you'll see the error message displayed by: https://www.pluckersclub.com/MemberNew/TermsAndConditions/Terms.aspx



Posted by at No comments:
Labels: , , ,

Friday, September 20, 2024

FerryFriend App for iOS: Privacy Policy and Developer's Privacy Policy Links in App Store Listing Lead to a 404 Page

 iOS 18

FerryFriend app for iOS (version 4.5.12)

09/20/2024

Description:


The "Privacy Policy" and "Developer's Privacy Policy" links in the app store listing for the FerryFriend app leads to a 404 page that looks like this:



Steps to Reproduce:

1. Head to the Apple App Store listing for the FerryFriend app for iOS
2. Click on the "Privacy Policy" link

Result: The "Privacy Policy" and "Developer's Privacy Policy" links on the FerryFriend app's detail page in the Apple app store does not work and leads the user to a 404 page

Expected: The "Privacy Policy" and "Developer's Privacy Policy" links on the FerryFriend app's Apple App Store detail page should lead to a valid privacy policy 


Here's the Apple App Store listing for the FerryFriend app as of September 20th, 2024. 


The "developer's privacy policy" link leads to a 404 page...


This "Privacy Policy" link leads to a 404 page as well. 







Posted by at No comments:
Labels: , , ,

Wednesday, September 4, 2024

Lemon8 app for iOS: Twitter Account Creation Does Not Work

UPDATE:


When I checked today (11/03/2024) the option to use Twitter for account creation appears to have been removed from the app:


Downloaded the latest version this morning...


Witter option removed. 

Guess that's that....


____________________________________________________________________________________

 iOS: 17.6.1

Lemon8 app for iOS (version 7.1.0)

Date: 09/04/2024

Description:

Lemon8 account creation is not working with the iOS app. There is a "Continue with X" option for account creation. While the other options all work, the Twitter option does not. 

Selecting this option results in the following error message:

Twitter account creation isn't working - hasn't worked for several weeks. This is the error message. 



Note: This problem does NOT reproduce with the Lemon8 app for Android. This also reproduced with the Twitter app removed from the phone. 

Steps to Reproduce:

1. Download the Lemon8 app for iOS (version 7.1.0)

2. Advance to the home screen

3. Select the Profile icon in the bottom right 

4. From the "Lemon8 - Create account or log in" screen scroll down and select "Continue with X"

Result: It is not possible to use the "Continue with X" option to create a Lemon8 account using the Lemon8 iOS account

Expected: The user should be able to use the "Continue with X" option to create a new Lemon8 account using the Lemon8 iOS app 

Posted by at No comments:
Labels: ,

Tuesday, September 3, 2024

Laurie Buckhout For Congress app for iOS: Privacy Policy Link In App Store Working Does Not Lead to a Privacy Policy

 iOS 17.6.1

Laurie Buckhout for Congress app for iOS (production version)

Date: 09/03/2024

Description:

Today I took a look at an app called Laurie Buckhout for Congress that is available to download from the Apple App Store. This app does not have a valid (working) link to a Privacy Policy in either the app store listing, or from inside of the app.

According to Apple App Store rules, "all apps must include a link to their privacy policy in the App Store Connect metadata field and within the app in an accessible manner. 

The Apple App Store rules regarding access to privacy policies are very clear. 



Here's what the app store listing looks like:

This is the Apple App Store listing for Laurie Buckhout for Congress. Scroll down to the Privacy Policy link...

Click on the "developer's privacy policy" link...

This is obviously not a valid privacy policy.



Steps to Reproduce:

1. Head to the Laurie Buckhout for Congress app for iOS Apple App Store page
2. Scroll down to the "developer's privacy policy" and "privacy policy" links

Result: The "developer's privacy policy" and "privacy policy" links on the Laurie Buckhout for Congress Apple App Store listing page do not lead to valid privacy policies 

Expected: There needs to be working privacy policy links in the Laurie Buckhout for Congress Apple App Store listing 





Posted by at No comments:
Labels: , ,

Friday, August 30, 2024

ABPV America's Best Pics and Videos app for iOS: Share Sheet - missing Email image in the Suggested Apps area

 iOS 17.6.1

ABPV America's Best Pics and Videos app for iOS (version 10.3.11)

Date: 08/31/2024

Description:

Here's a minor problem that occurs from time to time with the iOS share sheet and some apps. This time it is happening with an app called ABPV America's Best Pics and Videos.

Take a look at the Suggest Apps area of the iOS Share Sheet when it is accessed from the app:



The Email option is missing an icon. 

Steps to Reproduce:

1. Download and launch the ABPV America's Best Pics and Videos app (version 10.3.11)

2. From any video select "Share"

3. From the in-app share option, select the "... More" option 

4. From the iOS share sheet, scroll over an select "... More"

5. From the apps menu, scroll down to "Email"

Result: The "Email" option under Suggested Apps in the iOS Share Sheet is missing it's default envelope image 

Expected: The "Email option under Suggested Apps in the iOS Share Sheet should not be missing it's default envelope image 

Download and launch the ABPV app for iOS...

Select the "Share" option from any video...

Select the "... More" option here...

Select the "... More" option here...

Scroll down and look at the "Email" option - it is mysteriously located here and without an icon!








Posted by at No comments:
Labels: , , ,

Sunday, August 25, 2024

Denver Zoo Mobile app for iOS: A "here" Link Takes User to an "Oops!" Error Message

 iOS 17.6.1

Denver Zoo Mobile app (version 1.3.2) for iOS 

Date: 08/25/2024

Description:

There is a bank link inside of the Denver Zoo Mobile app for iOS. Once the user downloads and launches the app, they will be taken to a page that looks like this after they select "My Account":


As you can see, there is "here" link which should (presumably) take the user to a page that explains the changes that have been made to the app.





Steps to Reproduce:

1. Download and launch the Denver Zoo Mobile app (version 1.3.2) for iPhone

2. Select "My Account"

3. From the "My Profile" screen, scroll down and select "here"

Result: A link labeled as "here" on the "My Profile" area inside of the Denver Zoo Mobile app for iOS takes the user to an "Oops! That page can't be found" page

Expected: The "here" link in the "My Profile" area inside of the Denver Zoo Mobile app for iOS should not take the user to an "Oops! That page can't be found" page

Posted by at No comments:
Labels: , ,

Thursday, August 15, 2024

Olive Young Global app for iOS: Google OAuth Consent Screen: User Stranded as there is No Way to Back Out

 iOS 17.6.1

Olive Young Global app for iOS (version 1.3.6)

Date: 08/15/2024

Description:

Here's an unusual problem with a Google OAuth consent screen that I have not encountered before: an app called Olive Young Global has a consent screen which the user is impossible to back out of.

Take a look:

Absolutely no way to back out of this consent screen to the app. The app needs to be forced-quit or deleted. This is a terrible end-user experience. 


Steps to Reproduce:

1. Download and launch the Olive Young Global app (version 1.3.6) for iOS

2. Select the "My" option 

3. From the Sign In page, select "Sign up with Google"

4. No way to back out of Google sign-in page

Result: There is no way for the user to back out of the Google OAuth consent screen presented by the Olive Young Global app - user is stranded on a consent screen. Exiting and re-starting the app does not return the user to the app 

Expected: There should always be a way (a visual cue) for the end user to exit out of a Google OAuth consent screen and back into an iOS app 

Launch the Olive Young Global app for iOS...

Select the "Sign in with Google" option...

No way to back out (no visual cues such as a back arrow) to alert the user how to exit. 






Posted by at No comments:
Labels: , ,

Saturday, August 10, 2024

Gumtree app for iOS: Google OAuth Consent Screen: Terms of Service link leads to a 404 Page

 iOS 17.6

Gumtree app for iOS (version 20.14.0)

08/10/2024

Description:

The Gumtree app for iOS has a problem with the OAuth consent screen. The Terms of service link on Gumtree's OAuth consent screen leads to a 404 page.


Steps to Reproduce:

1. Download and launch the Gumtree app for iOS

2. Select "My Gumtree"

3. Select "Sign in"

4. Select the "Google" option 

5. From the Google Sign-in prompt select "Continue"

6. Select the "Terms of Service" link

Result: The "Terms of Service" link on the Google OAuth consent screen leads to a 404 page

Expected: The "Terms of Service" link on the Google OAuth consent screen for the Gumtree app should lead to a valid Terms of Service 



Select the "Google" option in the Gumtree app.


Select the "Continue" option...


Select the "terms of service" link...


A 404 page.








Posted by at No comments:
Labels: , , ,

Wednesday, August 7, 2024

101.9 The Keg app for iOS: App Crashes If the Privacy Policy is Declined

 iOS 17.5.1

101.9 The Keg app for iOS (version 8.17.0)

08/07/2024

Description:

An app for iOS called 101.9 The Keg crashes every time the user declines the Privacy Policy. 

Please see the attached screen shots.

Steps to Reproduce:

1. Download the 101.9 The Keg app for iOS (version 8.17.0)

2. From the Privacy Policy page, select "Cancel"

Result: Canceling out of the Privacy Policy prompt at the launch of the 101.9 The Keg app for iOS crashes the app

Expected: Canceling out of the Privacy Policy prompt at the launch of the 101.9 The Keg app for iOS should not crash the app. 

Launch the 101.9 The Keg app for iOS...

The app crashes after "Cancel" is selected. 




Posted by at No comments:
Labels: , ,

Thursday, July 11, 2024

Kohl's app for iOS: The "Rewards Terms" link during Account Creation leads to a 404

 iOS 17.5.1

Kohl's - Shopping and Discount app for iOS (version 8.2.19)

07/11/2024

Description:

The "Rewards Terms" link during account creation leads to a 404 page when accessed from the app.

Here's where the link is found inside of the iOS app:


There's a "Rewards Terms" link accessible from this page inside of the app. Clicking on this link takes the user to...


A 404 page.


The same "Rewards Terms" link, when accessed from a laptop, looks like this:




It's obviously not an optimal end-user experience to end up on a 404 page during account creation. 


Steps to Reproduce:

1. Download and launch the Kohl's app for iOS

2. Select "Sign In" from the bottom right 

3. Enter in a valid email address and select "Continue"

4. Enter in a valid password and select "Create Password"

5. From the Kohl's "Create Account" screen, scroll down and click on "Rewards Terms"

Result: The "Rewards Terms" link on the "Create Account" screen leads to a 404 page

Expected: The "Rewards Terms" link on the "Create Account" screen should lead to a valid Rewards Member's Agreement page 

Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)