Sometimes, an iOS application wants to access your contacts, for good but sometimes, perhaps, for bad reasons. Here is how to control which apps your iOS contacts can read. And revoke the permit if necessary.
Your contacts are encrypted both in transit and on Apple's managed servers. In other words, end-to-end encryption. Here is the Apple note that explains: “ICloud security overview.“However, it is important to consider the following from Apple:
In some cases, your iCloud data can be stored on third-party servers, such as Amazon Web Services or Google Cloud Platform, but these partners do not have the keys to decrypt your data stored on their servers.
End-to-end encryption requires that you have two-factor authentication enabled for your Apple ID. Keeping your software updated and using two-factor authentication is the most important thing you can do to maintain the security of your devices and data.
Inside the iphone
When you have logged in to your iPhone, you can see your contacts because, of course, the data is decrypted. But that is also true if it grants access to third-party applications. iOS will notify you if an application wants to access your contacts. You can, and probably should, deny access until you have determined a legitimate and urgent need.
Typical applications that request access are third-party contact managers and communication applications, such as Skype, which have an address book but do not want to duplicate what they have already created in their own contacts. In general, I suffer the inconvenience of denying access for security reasons. In addition, some games will request access, with apparent innocent intent, to help you connect better with your friends. This could also be dangerous. This is the why.
When an application accesses your contacts, keep in mind that not only are you looking at the phone numbers and addresses of your friends and family, but also, for example, the names of your doctors and any personal health information you may have placed in the Notes field. Or financial data such as credit card or account numbers. O :: panting :: passwords. Watch: “People, do not store private data in your address book."
As far as I know, Apple does not have barriers or filters that block outgoing and loaded Contacts data from any application. Then, if an application can access your Contacts, you could load the entire unencrypted data file, in an instant, to your main server / developer. There is no iOS blocking, notification or alert. [There should be.]
To control access to contacts:
- Tap the iOS settings.
- Scroll down and tap Privacy.
- Tap Contacts.
There you will see a list of all the applications that have previously requested access to your contacts and the current permission status. If you see one that needs your access revoked, you can drag the slider to the off position. Denying access to third-party applications will not prevent your data from being synchronized through iCloud.
Keep in mind that if the application had previously behaved badly, there may already be a commitment.
The next time an application requests access to your contacts, my advice is to reject it immediately. Then, later, decide if you trust the application. These days, trust is hard to win.
[Note: The above security discussion also applies to your iOS Calendar, etc.]