The more time we spend on our smartphones, the more information we are ready to share with them. At present, mobile apps store terabytes of strictly confidential user data, but is it 100% secure? One should think carefully when answering this question.
Today’s article is about not-so-obvious iOS app security issues and protection measures that can get overlooked. What is the next step after you protect data storage, transportation, and encryption? Making sure that the device’s screen is also safe and protected. Illia Khrypunov, iOS Developer at CHI Software, will guide you through this process.
Here you will find helpful instructions on how to make iOS apps secure from screenshots and recording, as well as how to blur app content when switching between opened apps.
A Few Words About iOS Mobile App Security Stats
The number of mobile apps is growing, and so is the number of potential threats for users. As of the third quarter of 2022, around 1.64 billion apps were available on the App Store. There are millions of choices, but how many of them are completely safe?
Global Mobile Threat Report provided by Zimperium states that 51% of respondents have 4-8 work-related apps installed on their phone, and 31% have at least one app. Obviously, enterprises are as much at risk as individual users, so security enhancements must always remain on the agenda.
Despite the number of risks growing daily, 49% of businesses address a new in-app issue only with the next release, and sometimes, the update is deployed with delays.
How to set up iOS and Android app payment gateway integration
Read more
According to Zimperium, nearly half of iOS applications related to healthcare, finance, retail, and lifestyle industries face various types of security risks.
Data protection, which we will talk about in this article, can take many forms. One of them is visual.
How to Blur App Content When Switching Between Opened Apps
Mobile applications often require hiding information on the screen when the user switches between the apps opened in the multitasking panel. To meet this requirement, we use UIVisualEffectView.
We can track the app’s current state to identify at what moment to implement the blur effect. For this, we use AppDelegate/SceneDelegate methods.
Another tool allowing you to track application states is NotificationCenter. We add observers to the state, in which our View will hide (blur) sensitive content.
We can detect that a screen recording is about to start by using the notification UIScreen.capturedDidChangeNotification. After that, we can hide the screen immediately and display a pop-up window notifying users that they are not allowed to record the contents of our app.
How to Protect Sensitive Information When a User Takes a Screenshot?
We cannot prevent people from taking screenshots when our app is opened. But we can get a notification when a user takes a screenshot via UIApplicationUserDidTakeScreenshotNotification.
Next, we can hide the provided information, and this notification feature is one of the essential tools to do that. This is what we mean:
Concealing sensitive data before the contents move to the background. When an application transitions to the background, the system takes a screenshot of the app’s main screen, which it then presents briefly when transitioning your application back to the foreground.
Before returning from your applicationDidEnterBackground method, you should hide or blur passwords and other personal data that might be captured on the screenshot.
Removing the taken screenshot from the gallery. For this, we use UserDidTakeScreenshotNotification, then, get the PHFetchResult<Array>, where we delete the last asset. This option is rather unreliable because we need to request access to the gallery. If the user has canceled access, we cannot pull out the desired screenshot and delete it.
let fetchOptions = PHFetchOptions()
fetchOptions.sortDescriptors?[0] = Foundation.NSSortDescriptor(key: "creationDate", ascending: true)
let fetchResult = PHAsset.fetchAssets(with: PHAssetMediaType.image, options: fetchOptions)
guard let lastAsset = fetchResult.lastObject else { return }
PHPhotoLibrary.shared().performChanges {
PHAssetChangeRequest.deleteAssets([lastAsset] as NSFastEnumeration)
} completionHandler: { (success, errorMessage) in
if !success, let errorMessage = errorMessage {
print(errorMessage.localizedDescription)
}
}
Applying UITextField. Starting from iOS 13+, we can hide information on screenshots and screen recordings using UITextField if our textField is secure (isSecureTextEntry = true).
Since iOS 13, we can also “trick” the system by making our content a part of the secure textField layer, which will hide the data when taking screenshots and recording screens.
iOS application security issues never get too old. Apps become more complex, offering more convenience to mobile users and… more challenges to app developers.
Tasks related to hiding information on screenshots and during screen recording are common, but there is no ready-made solution for each app. You should act according to the situation and choose the option that suits your project best.
In this short article, we described several iOS security tips to help you out when you have to deal with users’ private data. To figure out how it works in more detail, check out a project of our developer on GitHub. Also, feel free to contact CHI Software’s mobile development team to tackle pretty much any challenge on your project.
Polina is a curious writer who strongly believes in the power of quality content. She loves telling stories about trending innovations and making them understandable for the reader. Her favorite subjects include AI, AR, VR, IoT, design, and management.
Are you wondering how much it'll cost to add a chatbot solution to your business? You're not alone. As AI gets more competent, more companies are thinking about jumping on the chatbot bandwagon to boost their customer service and streamline operations. But let's face it – AI chatbot costs can be as clear as mud. Whether you're a tech whiz...
Businesses are increasingly turning to chatbots to improve customer experience and streamline their operations. If you're considering adding a chatbot to your toolkit, you may wonder whether to go with an off-the-shelf chatbot or invest in developing a solution tailored to your specific needs. Each option has advantages and disadvantages that can significantly affect the efficiency of your business and...
If you are thinking about the why and how to develop AI software, be prepared for some impressive facts and lessons you will learn from this article. First of all, more than 70% of organizations now use AI, compared to only 20% in 2017. This wave is fuelled by a surge in investment, which attracted an impressive USD 200 billion...
We use cookies to give you a more personalised and efficient online experience.
Read more. Cookies allow us to monitor site usage and performance, provide more relevant content, and develop new products. You can accept these cookies by clicking “Accept” or reject them by clicking “Reject”. For more information, please visit our Privacy Notice