Connect with us

SOCIAL

Stop iOS apps from using push notification tracking to spy on you

Published

on

Apple Privacy: How To

Any time a company sends a push notification to an iPhone, its application can gather information about the user, including their location, according to security researchers. Meta and TikTok reportedly use push notification tracking, and many other companies do it, too.

Fortunately, there’s a simple solution for users to protect their privacy and keep apps from spying on them.

TikTok and Facebook use push notifications to secretly track users

Social media companies are really advertising companies, and they make more money off their ads if they can target them to users. So they collect personal information in every way they can. Turns out one of the ways is push notification tracking, according to Mysk, a pair of security researchers.

When an iPhone application such as Facebook receives a notification — maybe the user has received a “like” — a lot more happens than a simple on-screen popup. iOS allows closed apps to activate in the background and run to process the notification.

The idea is to enable the third-party software to make the notifications shown on the iPhone more useful. But companies are using the feature to gather data on users whenever they receive a notification.

Advertisement

As the security researchers at Mysk explain:

“Unsurprisingly, many social apps notorious for their aggressive data harvesting practices are taking advantage of the background execution time enabled by push notifications. In fact, developers can harness this workaround to run code in the background on demand. All they have to do is send push notifications to their users. As a result, iOS would wake their app in the background on every device, then the app runs whatever code the developer has built into the app.”

Many apps ask to track the user’s location, but users can limit that to only when the app is running. But an application that’s processing a notification is running and so can record and transmit location information.

It doesn’t stop there. Mysk reports that that iPhone applications are using push notification tracking to collect “system uptime, locale, keyboard language, available memory, battery status, device model, display brightness, to mention a few. Such signals are commonly used for fingerprinting and tracking users across different apps developed by different developers.”

The practice is apparently widespread. It’s used by TikTok, Facebook, FB Messenger, Instagram, Threads, X and “many more,” according to Mysk. Last December, Apple confirmed that some governments use push notification spying.

Advertisement

How to protect your privacy: Disable notifications

Disable notifications for shady apps to prevent push notification tracking.
Screenshots: Ed Hardy/Cult of Mac

Fortunately, there’s an easy way to block push notification tracking: Simply stop allowing questionable iPhone applications to send you notifications.

Making the change isn’t difficult, but it has to be done for every app. And the security researchers at Mysk say it’s necessary to disable all notifications for a given app — switching to badges or only alert sounds isn’t enough.

To make the change, go to Settings and scroll down to Notifications. Find the app you want to disable notifications for and tap on it. A page with a full range of notification options will appear, but all you need is the one at the top: Be sure Allow Notifications is toggled off.

Repeat the process for Facebook, X, etc.

Obviously, protecting your privacy means giving up receiving alerts whenever someone likes or responds to one of your social media posts. But the change will probably make you more productive … and might even make you happier.

Advertisement

Mysk created a video with more details on push notification tracking:



Source link

Advertisement
Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address