Security researcher Tommy Misk has discovered that apps can collect sensitive user data through push notifications in the iPhone.
As it turned out, some popular services, including TikTok, Twitter and Bing, use the advanced notification center features that appeared in iOS 10. This version of the OS was released back in 2016.
Initially, the innovation was intended so that developers could supplement notifications with their own content. However, some of them seem to have repurposed it for more secret activities, including bypassing the operating system's restrictions on background activity.
The type of data being sent includes unique device signals that can be used to fingerprint and track user activity in various applications.
Apple has always maintained strict control over applications running in the background to protect user privacy and ensure optimal device performance. Soon, the company will also require developers to clearly indicate why their projects need API access, writes Research Reveals How iPhone Push Notifications Leak User Data / MacRumors MacRumors. There is no doubt that the "hole" in the push notification settings will be eliminated in the near future.