The more time we spend on our smartphones, the more information we are ready to share with them. At present, mobile apps store terabytes of strictly confidential user data, but is it 100% secure? One should think carefully when answering this question.
Today’s article is about not-so-obvious iOS app security issues and protection measures that can get overlooked. What is the next step after you protect data storage, transportation, and encryption? Making sure that the device’s screen is also safe and protected. Illia Khrypunov, iOS Developer at CHI Software, will guide you through this process.
Here you will find helpful instructions on how to make iOS apps secure from screenshots and recording, as well as how to blur app content when switching between opened apps.
A Few Words About iOS Mobile App Security Stats
The number of mobile apps is growing, and so is the number of potential threats for users. As of the third quarter of 2022, around 1.64 billion apps were available on the App Store. There are millions of choices, but how many of them are completely safe?
Global Mobile Threat Report provided by Zimperium states that 51% of respondents have 4-8 work-related apps installed on their phone, and 31% have at least one app. Obviously, enterprises are as much at risk as individual users, so security enhancements must always remain on the agenda.
Despite the number of risks growing daily, 49% of businesses address a new in-app issue only with the next release, and sometimes, the update is deployed with delays.
How to set up iOS and Android app payment gateway integration
Read more
According to Zimperium, nearly half of iOS applications related to healthcare, finance, retail, and lifestyle industries face various types of security risks.
Data protection, which we will talk about in this article, can take many forms. One of them is visual.
How to Blur App Content When Switching Between Opened Apps
Mobile applications often require hiding information on the screen when the user switches between the apps opened in the multitasking panel. To meet this requirement, we use UIVisualEffectView.
We can track the app’s current state to identify at what moment to implement the blur effect. For this, we use AppDelegate/SceneDelegate methods.
Another tool allowing you to track application states is NotificationCenter. We add observers to the state, in which our View will hide (blur) sensitive content.
We can detect that a screen recording is about to start by using the notification UIScreen.capturedDidChangeNotification. After that, we can hide the screen immediately and display a pop-up window notifying users that they are not allowed to record the contents of our app.
How to Protect Sensitive Information When a User Takes a Screenshot?
We cannot prevent people from taking screenshots when our app is opened. But we can get a notification when a user takes a screenshot via UIApplicationUserDidTakeScreenshotNotification.
Next, we can hide the provided information, and this notification feature is one of the essential tools to do that. This is what we mean:
Concealing sensitive data before the contents move to the background. When an application transitions to the background, the system takes a screenshot of the app’s main screen, which it then presents briefly when transitioning your application back to the foreground.
Before returning from your applicationDidEnterBackground method, you should hide or blur passwords and other personal data that might be captured on the screenshot.
Removing the taken screenshot from the gallery. For this, we use UserDidTakeScreenshotNotification, then, get the PHFetchResult<Array>, where we delete the last asset. This option is rather unreliable because we need to request access to the gallery. If the user has canceled access, we cannot pull out the desired screenshot and delete it.
let fetchOptions = PHFetchOptions()
fetchOptions.sortDescriptors?[0] = Foundation.NSSortDescriptor(key: "creationDate", ascending: true)
let fetchResult = PHAsset.fetchAssets(with: PHAssetMediaType.image, options: fetchOptions)
guard let lastAsset = fetchResult.lastObject else { return }
PHPhotoLibrary.shared().performChanges {
PHAssetChangeRequest.deleteAssets([lastAsset] as NSFastEnumeration)
} completionHandler: { (success, errorMessage) in
if !success, let errorMessage = errorMessage {
print(errorMessage.localizedDescription)
}
}
Applying UITextField. Starting from iOS 13+, we can hide information on screenshots and screen recordings using UITextField if our textField is secure (isSecureTextEntry = true).
Since iOS 13, we can also “trick” the system by making our content a part of the secure textField layer, which will hide the data when taking screenshots and recording screens.
iOS application security issues never get too old. Apps become more complex, offering more convenience to mobile users and… more challenges to app developers.
Tasks related to hiding information on screenshots and during screen recording are common, but there is no ready-made solution for each app. You should act according to the situation and choose the option that suits your project best.
In this short article, we described several iOS security tips to help you out when you have to deal with users’ private data. To figure out how it works in more detail, check out a project of our developer on GitHub. Also, feel free to contact CHI Software’s mobile development team to tackle pretty much any challenge on your project.
About the author
Polina SukhostavetsContent Writer
Polina is a curious writer who strongly believes in the power of quality content. She loves telling stories about trending innovations and making them understandable for the reader. Her favorite subjects include AI, AR, VR, IoT, design, and management.
To remain competitive, modern businesses need to constantly adhere to high standards and keep up with the times. While traditional inspection methods can be time-consuming and prone to human error, anomaly detection with computer vision (CV) can transform quality control processes across industries. This article explains how computer vision solutions development works for anomaly detection, its benefits, implementation challenges, and...
Digitalization in the business world is not a choice but rather a necessity. Whether your business operates in manufacturing, automotive, or agriculture, using computer vision (CV) can undoubtedly increase operational efficiency and drive growth. As businesses constantly strive to meet standards while minimizing costs, computer vision for quality control can kill two birds with one stone. The automated quality inspection...
With the rise of digital technology, the need for personalized, effective customer experience is at an all-time high. According to Statista, 44 percent of users highly appreciate the help of chatbots in finding product information before purchasing, and another 35 percent of customers use the customer support available on websites. Using chatbots for e-commerce helps businesses to stay competitive, increase...
We use cookies to give you a more personalised and efficient online experience.
Read more. Cookies allow us to monitor site usage and performance, provide more relevant content, and develop new products. You can accept these cookies by clicking “Accept” or reject them by clicking “Reject”. For more information, please visit our Privacy Notice