Shopfront of Apple store showing new iOS 13 privacy feature which will close loophole used by VoIP apps
New iOS 13 Privacy Feature Will Close Loophole Used by VoIP Apps by Nicole Lindsey

New iOS 13 Privacy Feature Will Close Loophole Used by VoIP Apps

As part of a broader effort to be recognized as a privacy-first technology company, Apple is taking immediate steps to plug a few holes in its iOS mobile operating system. One of the most important of these changes – a fix to the PushKit VoIP API that will make it impossible for VoIP apps to run tasks in the background – will have immediate implications for popular VoIP apps such as WhatsApp and Facebook Messenger. As Apple explained at the recent WWDC 2019 developers conference, this change to iOS 13 is one of many that are going to make it increasingly difficult for third-party developers to add new app features for the sole purpose of collecting data.

How the change to iOS 13 will impact VoIP apps

The new and improved iOS 13 will limit the ability of VoIP apps such as Facebook Messenger and WhatsApp to run in the background. Typically, these apps have exploited a loophole in the PushKit VoIP API that enables background access while users are engaged with other tasks. Thus, even if the VoIP app is not open and actively running on a user’s mobile phone screen, it can still detect an incoming call and alert the user. By running in the background, VoIP apps claim to make life easier for the user, by making sure that they never miss an incoming call.

Until recently, that ability to run in the background was viewed as a feature, and not a flaw. However, then came the news that some third-party apps were exploiting that background access to collect data on users (such as their physical location, or their usage of other apps). In many ways, this was the equivalent of snooping on users without their knowing it. One of the companies widely suspected of using this loophole to its advantage to collect user data was Facebook, which has a spotty track record when it comes to user privacy.

Thus, by limiting the ability of VoIP apps to run in the background in iOS 13, Apple is also closing down a potential privacy loophole. As might be expected, Facebook claimed that it was not inappropriately using the API for VoIP apps, and that no extra data was being collected on users. Facebook executives told The Information, which first reported the story, that the releases are not insignificant, but that it would comply fully with the new rules of the road for the iOS 13 operating system. The new iOS 13 is due out in September 2019, but developers for messaging apps will likely have until early 2020 to comply with the new changes.

Before you continue reading, how about a follow on LinkedIn?

Biggest impact of changes to iOS 13 for VoIP apps

According to privacy experts, the greatest impact of the change to Apple’s iOS 13 will likely be felt by WhatsApp, the world-class private messaging app that built its reputation on the basis of end-to-end encryption. The only problem, from a development perspective, was that the company used the VoIP API to deliver the encryption functionality. In other words, developers may have to redesign the app from scratch if they cannot figure out a way to deliver this same encryption without simultaneously taking advantage of the ability to run in the background.

Other apps that could feel the impact of changes to iOS13 for VoIP apps include Facebook Messenger, Snapchat and WeChat. That’s because just about every popular VoIP app in the marketplace today is built on the basis of the PushKit VoIP app. Thus, any change to the API will necessitate changes to these apps. Most likely, this will be in the form of new VoIP push notifications that tell users a call is waiting for them. Users will then need to open the app anew, since it will not be running in the background automatically.

Privacy as a new selling point for Apple

These changes to the API are part of a broader strategy by Apple to deliver a world-class privacy experience for users. The upcoming iOS 13 will also include, for example, a “Sign In With Apple” system that will make it safer and more private for users to browse the web. Apple is also going to offer something that it is calling “one-time location sharing.” Combined, all of these features will make the web a safer and more private place for Apple users.

Thus, some Internet experts are positioning the changes to iOS 13 as some sort of “privacy showdown” between Apple and Facebook. In many ways, Apple is trying to distance itself from Facebook, which has been plagued by privacy scandal after privacy scandal. And Apple has been none too pleased that Facebook has played fast and loose with its iOS apps in the past, even going so far as to offer certain app features to its users without Apple’s knowledge. And Facebook has notoriously been willing to dangle expanded access to user data as an incentive for developers to create new apps for Facebook.

New #Apple iOS fix to PushKit VoIP API will stop third-party developers from adding new app features to collect data. #privacy #respectdata Click to Tweet

Taking a big picture view, Apple may be attempting to position privacy as a service that it can offer tech consumers. For tech consumers willing to pay a premium for Apple products, they would also receive access to an expanded set of privacy features and privacy guarantees that simply are not available anywhere else. Thus, all the little tweaks and changes coming to iOS 13 are really part of a strategy to convince consumers that Apple takes privacy seriously and that it is committed to deliver a world-class user experience, including a world-class private messaging experience.

The future of VoIP apps on Apple devices

In many ways, the changes to iOS 13 are about more than just the way apps run in the background, or about the way a particular app handles an Internet call or voice calls. The changes are really about making tech developers take privacy more seriously, and to recognize how seemingly innocuous features – such as the ability to run background tasks – can be subverted or abused in order to collect data. As a result, look for upcoming iOS releases to have even more privacy-first features that benefit mobile consumers.

 


Follow CPO Magazine