Friday, January 24, 2025

Phissy: Restaurant Organizer app for iOS: In-App Privacy Policy and Terms and Conditions Links Do Not Work

 iOS 18.2.1

Phissy: Restaurant Organizer app for iOS (version 10.2.11)

01/24/2025

Description:

An app called Phissy: Restaurant Organizer for iOS has a problem. The in-app links to "Privacy Policy" and "Terms and Conditions" do not seem to work. Selecting these options (which appear in a pop-up) do not take the user to either a privacy policy or a valid terms and conditions. 

Curiously, this only occurs with the "Privacy Policy" and "Terms and Conditions" links that are presented from inside the app. The equivalent links in Phissy's Apple App Store detail page work as expected and take users to valid Terms and Privacy Policy pages. 

In essence: the in-app options just do not work. There's no redirect out of the app a privacy policy or terms and conditions page. According to Apple's App Store rules: all apps must include a working link to their privacy policy, "within the app and in an accessible manner."

This is how these non-working options appear in-app:


Click on either "Privacy Policy" or "Terms and Conditions" does nothing - they do not take the user to valid and readable privacy policies or terms and conditions pages. 


Steps to Reproduce:

1. Download and launch the Phissy: Restaurant Organizer app for iOS

2. From the "Welcome to Phissy!" screen, scroll down and click on either "Terms and Conditions" or "Privacy Policy"

3. From the pop-up select either "Privacy Policy" or "Terms and Conditions"

Result: The in-app Privacy Policy and Terms and Conditions links inside of the Phissy app are not working - clicking on either option does not take the user to a valid Privacy Policy or Terms and Conditions 

Expected: The in-app Privacy Policy and Terms and Conditions links inside of the Phissy app should always work. User should always shave access to the Privacy Policy


Download and launch the Phissy: Restaurant Organizer app for iOS...


From this screen, select either "Privacy Policy" or "Terms and Conditions"


The "Privacy Policy" and "Terms and Conditions" options do not work. 







Posted by at No comments:
Labels: ,

Wednesday, January 22, 2025

OneDayOnly - Online Shopping app for iOS: Google OAuth Consent Screen: Incorrect App Name of project-4272050226

 iOS 18.2.1

OneDayOnly app for iOS (version 4.3.0)

01/22/2025

Description:

The Google OAuth sign-in screen for the OneDayOnly - Online Shopping app for iOS displays an app name of:



This obviously isn't an accurate representation of what the user is logging into. 

Steps to Reproduce:

1. Download the OneDayOnly app for iOS

2. Select the "Account" option 

3. Select the "Log in" option 

4. Select "Log in with Google"

5. From the Google pop-up prompt select "Continue"

6. Note the name "project-4272050226" on the Google consent screen

Result: The app name listed on the Google OAuth consent screen for the OneDayOnly iOS app displays as "project-4272050226" - this is misleading to the end user 

Expected: The OneDayOnly iOS app should display the correct name of the app on the Google OAuth consent screen 





Download and launch the OneDayOnly app for iOS app...




Select the "Account" option...


Select the "Log in" option...


Select the "Log In With Google" option...


Select the "Continue" option from the pop-up...


Incorrect app name of: project-4272050226









Posted by at No comments:
Labels: , ,

Tuesday, January 21, 2025

HolidayPirates app for iOS: Awkward Error Messaging after Cancelling Apple Sign-in

 iOS 18.2

HolidayPirates app for iOS (version 4.10.5)

01/21/2025

Description:

The Holiday Pirates app for iOS has a less than friendly error message after the user cancels out of the Apple Sign-in process:



Apple's Human Interface Guidelines state that error messages should be clear, concise and user-centric. This error message is not that. 

You will see this error message happen occasionally with other apps. I've written about it a handful of times. 

Steps to Reproduce:

1. Download and launch the HolidayPirates app for iOS
2. Advance through the Select country feature 
3. From the "Log in or create a new account" screen select "Continue with Apple"
4. Dismiss the Apple Sign-in menu
5. Note the error message that includes as error string of: "(com.apple.AuthenticationsServices.AuthorizationError error 1001.)"

Result: A less than informative and non user-friendly error message is displayed by the HolidayPirates app after the users cancels out of the Apple Sign-In option during account creation. The app displays an error message that displays the non-informative string of: (com.apple.AuthenticationsServices.AuthorizationError error 1001.)"

Expected: No iOS app should display text such as "(com.apple.AuthenticationsServices.AuthorizationError error 1001.)"




Download and launch the TravelPirates app for iOS...


Select the "Continue with Apple" option...


Cancel out of the Apple Sign-In menu. The menu will quickly descend and will be replaced by...


A less than informative error message. 







Posted by at No comments:
Labels: , , , ,

Sunday, January 19, 2025

MyColumbiaCU app for iOS: Privacy Policy and Developer's Privacy Policy Links in the Apple App Store lead to a AWS NoSuchBucket Error Message

 iOS 18.2

MyColumbiaCU app for iOS (version 4.2)

Date: 01/19/2025

Description: 

Here's an odd one: instead of a 404 page indicating a lack of a correct link to a privacy policy, an app connected to a credit union called MyColumbiaCU has two links that lead to an AWS invalid bucket error message. These two links are the Privacy Policy and Developer's Privacy Policy links from the Apple App Store listing for the app. 


The bad link can be found at: https://ingaged-config.s3.amazonaws.com/static/privacy_policy.html

I'll write a review, report this with Apple, and try to send an email to the company that released the app. 

Steps to Reproduce:

1. Head to the MyColumbiaCU app for iOS Apple App Store listing 
2. Click on either "Privacy Policy" or "Developer's Privacy Policy" 

Result: From MyColumbiaCU's Apple App Store detail page, both the Privacy Policy and Developer's Privacy Policy links lead to an AWS NoSuchBucket Error page 

Expected: The Privacy Policy and Developer's Privacy Policy links on the MyColumbiaCU Apple App Store listing should link to valid privacy policies 


Head to the Apple App Store listing for the MyColumbiaCU app for iOS. Scroll down to either the "Developer's Privacy Policy" or "Privacy Policy" links. 


Click on a link such as Developer's Privacy Policy...


User will end up on: https://ingaged-config.s3.amazonaws.com/static/privacy_policy.html








Posted by at No comments:
Labels: , , ,

Wednesday, January 15, 2025

Kitsap Credit Union app for iOS: Privacy Policy and Developer's Privacy Policy Links in the App Store Lead to a 404 Page

 iOS 18.2

Kitsap Credit Union app for iOS (version 2024.10)

01/15/2025

Description:

The Apple appstore listing for an app called Kitsap Credit Union has a problem: the "developer's privacy policy" and "Privacy Policy" links in the Apple App Store listing lead to a 404 page. 

They are linking to this page, which is currently a 404:

https://kcu-website-frontend.azurewebsites.net/pdf/privacypolicy.pdf/


Steps to Reproduce:

1. Head the Apple App Store listing for the Kitsap Credit Union iOS app

2. Select either "developer's privacy policy" or "Privacy Policy"

Result: the "developer's privacy policy" and "Privacy Policy" links on the Kitsap Credit Union's app for iOS in the Apple App Store link to a 404 page

Expected: per Apple's requirements, end users must always have access to a privacy policy. Any end user of a financial app should always have access to the relevant privacy policy



Head to the Apple App Store listing for the Kitsap Credit Union app for iOS...


Select the "developer's privacy policy" link on the Apple App Store listing, or...








Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)