‘Mr Black, is that you? I’m just calling to say congratulations again on your Belize house purchase. Now…’
‘Your Belize house purchase, Mr Black! I have all the details here. Andrew Black, 228 Park Avenue South, New York, social security number 415-090-2345. Now, we’ve arranged for delivery of your grand piano…’
Sounds scary, right? But also unbelievable. After all, who on earth could pull off an identity theft so extraordinary that they could purchase a house in your name?!?
As it turns out, this level of identity theft is not only possible, but probable. And even more frighteningly, many of us are willingly increasing the chances that this will happen to us…every day.
If you’re one of the millions of people in the world who use browser autofill, then you’re in for a bit of a shock…
Convenience at a price
In the not too distant past, filling out a form was an arduous task indeed. So arduous, in fact, that many of us could expect to spend days, if not weeks of our lives doing it. You’d basically sit there with a pen for many long minutes, and hope against hope that a) you didn’t make a mistake (hello whiteout!) or b) that the postman didn’t steal your details.
It was awful, and we’re all glad those days are (mostly!) over.
And then just like that, the internet age was upon us. Suddenly, instead of painstakingly filling out hundreds of faint tiny little squares, we all rejoiced – we could type and delete! Then, the holy grail itself arrived – instead of typing at all, we could autofill!
And rejoice we all did, for many years indeed. Some statistics show that approximately 18% of all internet users use browser autofill; where other sites peg this number at about 50%. It seems that we’ve been nothing but enthusiastic about picking up this new technology that saves us soooo much time (to be fair, autofilling forms is 536 times faster than typing it out) and remembers everything for us.
What could possibly go wrong?
A lot, it seems.
And in fact, those in the know have been warning us for ages.
Way back 10 years ago, when autofill was hardly even a thing, users of Mozilla browsers started warning others via issue tracking site Bugzilla that if a site possessed an XSS coding hole, autofilled information could be ‘very easily’ stolen.
Yet despite this, it’s only been in recent times where the knowledge – and reality – of autofilled details theft has become frighteningly mainstream.
Take, for example, a recent study conducted by Freedom to Tinker. They found 8,000 websites (including huge players such as Bonobos, Walgreens and Lenovo) that were using questionable scripts that essentially exfiltrated user data – including all autofill details – to third party servers. The most chilling of these examples was Walgreens, where the website script was exfiltrating autofilled details plus…health conditions and prescription data. Yes, you read that correctly, a server, somewhere, was storing your personal and health details. The mind boggles, in a very serious way, to think what might happen if that information got into the wrong hands.
Freedom to Tinker are far from the only ones uncovering the potential for autofill information theft, either. Have you ever received an email and thought ‘Huh? I never signed up for that!’. Well, The Independent thinks they know why. Earlier this year, they reported on research from Princeton that found that 1,110 of the top one million Alexa sites in the world ran a script that could essentially steal your email address from your browser autofill. This information, in turn, could be used to build a personal profile of you, which is great for advertisers, but not great for privacy, amongst other things.
The IRS knows the risks of autofill, too. Recently they disabled an autofill-like data retrieval feature in their Application for Federal Student Aid, saying that it was altogether ‘too risky.’
Basically, if you’re using browser autofill right now, you really can’t be too sure where your information might end up…
Don’t privacy terms protect me?!?
For those of you thinking ‘but I always read website privacy terms, and I would never agree to any of this’…think again.
The majority of data exfiltration discovered by both Freedom to Tinker and the researchers at Princeton was happening via third-party scripts. So, while the main publisher or website might have privacy terms that protect your data, the scripts, which were typically ad managers, put the onus back onto you to ‘not share sensitive information.’ Frighteningly, in one Freedom to Tinker example, the offending website, Gradescope, who were found to be sending student names and email addresses (autofilled) as well as grades and instructor comments to a third-party server, weren’t even aware of the privacy terms of service of the ad manager script they were running.
Basically, they were as much in the dark as any of us might be that this was actually happening.
But how does it happen?
So how do scripts access the autofilled details that your browser should be protecting? It’s actually very easy.
The first way they do it, according to researchers at Princeton, is to insert hidden forms:
‘The tracking script inserts an invisible login form, which is automatically filled in by the browser’s login manager. The third-party script retrieves your email address by reading the populated form and sends the email hashes to third-party servers.’
The second, and more bone-chilling way involves writing a script that will capture literally everything you do, according to the researchers at Freedom to Tinker:
‘[These session-replay scripts] record your keystrokes, mouse movements and scrolling behaviour, along with the entire contents of pages you visit and send them to third-party servers. And unlike typical analytics services that provide aggregate statistics, these scripts are intended for the recording and playback of individual browsing sessions…’
‘As if someone was looking over your shoulder.’
‘Some companies even allow scripts to explicitly link recordings to a user’s real identity.’
What we know is that browser autofills are distinctly lacking. But why?
A big part of the reason is that web browsers are, by nature, client-side applications. What this means is that they need to have a more open architecture to allow you, the user, to fulfil all of your browsing needs. Browser autofill is simply an add-on feature, built more with browser functionality in mind.
As it turns out, though, not all autofills are built that way…
Solving the security problem?
If you’re now petrified and feeling completely ready to break up with your autofill, we don’t blame you. Fortunately, though, pioneering security technology created by one of the world’s leading autofill companies, Fillr, is helping to pave the way for better data protection for all of us.
Where Fillr differs radically from its browser counterparts is how it stores your data. Unlike browser autofills, where data is stored in the browser itself, any information you enter when you use Fillr outside of your browser in Fillr’s secure enclave, and then it’s encrypted using military-grade 256-AES encryption. And unlike browser autofills, Fillr doesn’t make your data readily available, it instead stores it behind a PIN. And that pin is stored safely in your head – so no third-party script will be able to get it!
And for those of us who want maximum security (which, at this point, should be all of us!), Fillr offers the option to delete any stored E-commerce site profiles you have and instead use Fillr in Quest Checkouts, while still maintaining the 1-click experience. Hurrah!
So, as it turns out, it might be time to break up with your autofill after all. Well, break up with all of your other autofills, anyway, and get Fillr instead.
Fillr has developed ‘Autofill as a Service’, the world’s most intelligent and accurate autofill that seamlessly integrates into your social or shopping app. Contact us today to find out how our technology can help your customers to transact faster and more effectively across millions of merchants sites, boosting your conversions and revenue.