Some of the most popular apps on iOS circumvent Apple’s terms of service to collect sensitive information about the devices they are installed on.
According to the researcher who discovered this practice, this is worrying because Such applications can use this data to profile their users and then track themwhich is strictly forbidden by Apple.
According to Mysk’s statement on X, with iOS 10, Apple allowed mobile apps to run in the background to process and then display notifications. Once the process is complete, the applications will be paused again and then closed to improve performance and security.
However, During this short period of time, some apps were observed collecting sensitive data from the device. This includes system availability, regional settings, keyboard language, available memory, battery status, memory usage, device model and screen brightness.
According to Mysk, all of this can be used to create a profile of users and then track them.
Our testing shows that this practice is more common than we expected. What’s astonishing is the frequency with which many apps send device information after being triggered by a notification.
Many apps appear to be abusing the privilege of sending push notifications to mobile users, including some popular apps like TikTok, Facebook, Twitter, LinkedIn and Bing, said the researcher, who demonstrated this in a video published on YouTube.
According to Musk, Apple will apparently tighten restrictions on the use of device signaling APIs in the near future and require app developers to specify why they need to use APIs that can lead to user profiling. Developers who do not provide a satisfactory response will not be granted access to the App Store.
However, if you’re worried about being profiled by apps like Facebook, it’s a good idea to turn off push notifications completely.