iOS security suggestion

Greetings,

I am going to be a bit technical, iOS engineers will know what I’m talking about!

There is no doubt that the iOS app is audited and tested for security purposes.
I just wanted to suggest something I can see visually which is a common practice among banking/financial applications.

That is when you move the app to the background. After moving the app to the background, the system takes a snapshot of the interface, and that is what you see when scrolling through apps in the app switcher. That screenshot must not contain sensitive data.

I know that card numbers and funding accounts are masked with asterisks, still the account balance and portfolio are sensitive.

It is an easy fix, blurring the view or putting an entirely custom one on top.

Best regards
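What the post above describes, sketched in Swift as an added example (not part of the original thread and not the app's own code). It assumes a UIKit scene-based app on iOS 13 or later; the `SceneDelegate` class and `privacyCover` property are illustrative names.

```swift
import UIKit

// Added example: hypothetical scene delegate that covers the UI before
// the system captures the app-switcher snapshot.
final class SceneDelegate: UIResponder, UIWindowSceneDelegate {
    var window: UIWindow?

    // Illustrative name: the view placed over the sensitive content.
    private var privacyCover: UIView?

    // Fires when the app is about to leave the foreground, before the
    // snapshot is taken. It also fires for transient interruptions
    // (Control Center, incoming call, system prompts), so the cover
    // must be cheap to add and remove.
    func sceneWillResignActive(_ scene: UIScene) {
        guard let window = window, privacyCover == nil else { return }

        // Dismiss the keyboard so partially typed values are not captured.
        window.endEditing(true)

        // An opaque cover leaks nothing. A UIVisualEffectView with a
        // UIBlurEffect is the "blur" variant, but large figures such as
        // a balance can remain guessable through a light blur.
        let cover = UIView(frame: window.bounds)
        cover.backgroundColor = .systemBackground
        cover.autoresizingMask = [.flexibleWidth, .flexibleHeight]

        window.addSubview(cover)
        privacyCover = cover
    }

    // Remove the cover as soon as the user is back in the app.
    func sceneDidBecomeActive(_ scene: UIScene) {
        privacyCover?.removeFromSuperview()
        privacyCover = nil
    }
}
```

Content presented in a separate `UIWindow` (for example a custom alert window) is not covered by a subview of the main window and would need the same treatment.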

Thanks for the suggestion - we’ll look at it. Appreciated!

2 Likes

I personally don’t like that, and see no need for it because random people rarely stare at my screen when I’m switching between apps. So - if you decide to implement it - please also add an on/off toggle. :slightly_smiling_face:

It’s not just for not viewing the UI when switching between apps.
These screenshots are stored on the device and can be accessed if it is jailbroken. Losing your device can give access to those screenshots :wink:

I see, thanks! But [offtopic]: why do people keep jailbreaking their devices? Are you requesting the feature because your device is jailbroken?

Not at all, but an attacker stealing my device might. There is no point in buying an iOS device and jailbreaking it. You lose all the security it offers you.
This is a common security implementation. I’m sure your banking app has it. In fact if the device is jailbroken the app should not work.

1 Like

This is an interesting idea and I think the same applies to Android. I just tested this on my Samsung… when my banking apps (Starling and Lloyds) go to the background, they white out the screen so nothing can be seen. T212 does not hide anything (other apps like Coinbase or Binance do not appear to hide either, so maybe it’s only for banking?)

Edit: Starling also doesn’t allow you to take screenshots. Not sure I would like this in the T212 app though.

Banking apps are penetration tested very heavily. Among a ton of other things they fix that too :wink:

Crypto-wise, I have the Bitstamp app, which does it. I also have Signal (a privacy-oriented chat app), which does it too!