Raising the limitation placed on the use of 3rd party keyboards was one of the striking features of iOS 8. Earlier, users were restricted to the default iOS keyboard and many users have voiced their support in favor of allowing customized keyboards. Now, that this has been solved via iOS 8 extensions, everyone can breathe a bit easier, right? Well, not yet. There are few things that could have possible security implications that you should know before opting for a customized iOS 8 keyboards.
Never give full access to 3rd party keyboard apps
By turning off full network access, custom keyboards are restricted to basic operations like autocorrect and spell-check. This also ensures that the data you key in is contained within the device and isn’t sent outside the device. It is very essential to ensure data security. This is one reason why iOS automatically switches to its default keyboard while entering passwords. To deny full access to custom keyboards, follow the below steps
- View a list of all installed third party keyboards by going to Settings >> General >> Keyboard >> Keyboards.
- Select each individual keyboard and check if the box “allow full access” is selected. If it is, kindly uncheck it.
- Repeat the above step until all the keyboards and denied full access
However, there are a few 3rd party keyboard which requests for full network access, apart from location info, address and keystroke data. This may be with an intention to enhance the functionality of the keyboard. By allowing full access to such apps, you are consenting to the fact that the keystrokes you make might be routed to external servers where they will be used to optimize your keyboard experience. This also means that there is a chance that the sensitive information you entered might be compromised. Therefore, it is up to the discretion of the developer and user to seek and provide full network access.
Users need to make an informed decision as to whether they need a custom keyboard. Even if they do, they should understand the security implications of providing complete access to these keyboards. Mentioned below are few steps that will ensure the privacy and security of the data you enter in a custom iOS 8 keyboard.
- Deny full access: nobody can fully control what keystroke data a custom keyboard sends back to its server. The only safe way out of this is to deny full access to the developer. Some keyboards don’t work without full access. It is better to avoid those. You can always switch back to your default keyboard anytime you want.
- Using native keyboard for keying in sensitive data: no matter whether you have disabled full access to a custom keyboard, it is always safe to switch to the native keyboard before you enter sensitive data like passwords, credit card details, internet banking login etc. iOS automatically switches back to the default keyboard in password fields, but it won’t hurt to check it manually too.