Carrier IQ hopes customers will come back after scandal

The company said it has implemented new policies to ensure that its software doesn't collect keystrokes

Carrier IQ said it hopes that operators, some of which have disabled its software after a privacy uproar late last year, are now realizing how valuable the data its software collects is.

"Some of our customers have been using this data for five years. It's deeply embedded in how they operate," said Andrew Coward, vice president of marketing and product management at Carrier IQ. "For the most part, they've realized this is the only way they'll ever get this kind of real insight on the consumer experience." He spoke from the company's tiny booth on the show floor at Mobile World Congress in Barcelona Monday.

Coward said the company hasn't lost a single customer following the release of a research report late last year that showed Carrier IQ's software was logging keystrokes, unbeknownst to end users. Carrier IQ's software is designed to send information about the phone's performance to operators, which use the data to learn more about performance issues.

Sprint and Apple both said that they disabled the Carrier IQ software on their phones. Some Carrier IQ customers are likely to have contracts of a set term, so even if they disabled the software, Carrier IQ may not consider them a lost customer.

Carrier IQ maintains that its software doesn't record keystrokes, but Coward said that "flaws in implementation by a lot of handset makers led to information being written into those files that never should have been."

Over the last six to eight weeks, phone makers have been pushing out firmware updates to phones to correct the implementation. In addition, Carrier IQ has added a qualification step to ensure that the software is implemented correctly and that no private information is left on devices, he said.

Most Carrier IQ customers are now taking a look at how important the data is to them, Coward said. "It gave pause for a lot of our customers to question what is this data, is it important, do we need it and can we get by without it," he said. Executives who are accustomed to seeing regular reports on the health of phones in the marketplace are unlikely to want to give up that kind of insight, he said.

To make its offering even more valuable, Carrier IQ on Monday released APIs that will allow operators to use the data collected through Carrier IQ to create customer self-care portals on their web sites. An operator that uses this technology would allow a customer to log into the portal and at a glance see that the operator has noticed their phone is getting poor battery life or has many dropped calls, for example. The portal would then be able to suggest fixes to the problems, by showing the customer which applications are draining a lot of data, for instance.

The pressure specifically on Carrier IQ from authorities after the keystroke allegations surfaced has died a bit, according to Coward. U.S. members of Congress questioned Carrier IQ about the data its software collects and asked the U.S. Federal Trade Commission to investigate. Regulators in some European countries also began looking into the company, even though it doesn't have any customers in Europe, according to Coward. Most of the investigations have been subsumed into broader discussions by authorities into the need for mobile privacy regulations, he said.

Nancy Gohring covers mobile phones and cloud computing for The IDG News Service. Follow Nancy on Twitter at @idgnancy. Nancy's e-mail address is

Join the CSO newsletter!

Error: Please check your email address.

More about Andrew Corporation (Australia)AppleCarrierFederal Trade CommissionIDGSprint

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Nancy Gohring

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place