How to Stop iPhone Apps Snooping via Push Notifications
Apple is well known for being a privacy centric company and building tons of security and privacy features into the iPhone and iPad to control things like location tracking and app tracking, but some big name app developers are coming up with creative ways to pry details about your device. One such crafty method of device snooping uses the push notification system to gather system information about your iPhone.
According to the security researchers at Mysk, apps can send a push notification to the user, which then triggers code to run on the users device that can send analytics and device information out to remote servers, and that data can potentially be used to fingerprint a specific device and/or user. Mysk explains:
“many apps are using this feature [notifications] as an opportunity to send detailed device information while running quietly in the background. This includes: system uptime, locale, keyboard language, available memory, battery status, device model, display brightness, to mention a few. Such signals are commonly used for fingerprinting and tracking users across different apps developed by different developers. Fingerprinting is strictly prohibited on iOS and iPadOS.”
Apparently this type of creepy push notification behavior is possible even if the app is not actively running.
Fortunately, there’s a simple way to to stop the potential snooping, and that is simply to turn off notifications for the apps engaging in this activity.
How to Stop Creepy Push Notification Snooping on iPhone
The solution to prevent this potential prying behavior is fairly straightforward, and that is to disable push notifications for the offending apps.
- Go to the “Settings” app on iPhone or iPad
- Scroll down to “Notifications”
- Locate apps to disable notifications for (ie; TikTok, Facebook, Threads, etc)
- Toggle the setting for “Allow Notifications” to the OFF position to disable all notifications for that app
- Repeat with other apps you wish to stop this potential behavior from
Another benefit to disabling push notifications for many of these apps is that you’re going to have much fewer interruptions from them. Do you really need to get a push notification every time someone “Likes” your stuff on social media? That’s up to you to decide, but if you like to maintain your focus (and apparently your privacy too), then probably not!
Considering that fingerprinting devices is prohibited by Apple, it’s likely that a future version of iOS/iPadOS will crack down on this behavior and put it to an end, or maybe Apple will limit this specifically with these big-name social media companies that are doing this. But for the time being, if you don’t want to be subjected to this potential device creeping and whatever the ramifications of it are, simply disable the notifications for those apps.
The video below demonstrates the behavior in action with some prominent social media apps like TikTok and Facebook:
A demo of this activity and behavior was posted to Twitter/X by the Mysk team, with that tweet embedded below:
🚨🎬 Privacy Concerns about Apple Push Notifications
TL;DR: data-hungry apps use push notifications as a trigger to send app analytics and device information to their remote servers, even if the apps aren't running at all on your iPhone. Such apps include TikTok, Facebook, FB… pic.twitter.com/qyFDbmrBjq
— Mysk 🇨🇦🇩🇪 (@mysk_co) January 25, 2024
Cheers to CultOfMac for pointing out this research by the Mysk team, and putting it onto our radar, and now onto yours.
Do you use push notifications from social media apps, or apps in general? What do you think of this type of behavior? Personally, I tightly limit notifications to just a few trusted apps from Apple, like Messages, Phone, Calendar, Reminders, but I’ve been doing that for a long time to eliminate distractions. I’m also an advocate for privacy, so knowing that turning off notifications for social media not only helps my focus but also can prevent some creepy snooping type of behavior, is a bonus for me. Let us know your thoughts in the comments below!