iOS Limitations
Last updated: December 9, 2024
iPhone and iPad apps are significantly limited by Apple, to the point that there are no great accountability solution for monitoring iPhones. All of them have loopholes, Truple's included. However, parents and other report recipients can easily review Truple's reports on their iPhone by simply logging in at https://app.truple.io.
We regularly get asked about Truple's offering on iOS (iPhone/iPad). The answer behind why we offer what we do, and what alternatives there are is unfortunately complicated. It's my hope in this blog post to explain:
- Why Truple only offers domain tracking and filtering on iOS
- What alternative solutions exist, their pros/cons
- Our recommendation for iOS users
Why Truple only offers domain tracking and filtering on iOS
Or, to better phrase the question, why doesn't Truple for iOS work as well as Truple for Android?
Because Apple limits what functionality is allowed on an iOS apps. If you attempt to build an app that provides a greater degree of accountability, you'll quickly find that Apple prevents it either technically or will reject the app once it's submitted for review.
Truple's current iOS solution works because Truple acts as a vital piece of internet infrastructure--the Domain Name Service (DNS) for your phone. To keep it brief, DNS is the "phone book" of the internet. It takes a website, like "google.com" and turns it into an internet address like 172.217.14.206. The iPhone's underlying technology relies on a DNS whenever it wants to talk over the internet. By acting as the DNS for the phone, Truple can record every website loaded across every app on the entire phone. And this is the primary reason why we use this solution--because it works across the entire phone.
However, this solution really isn't that great. At the end of the day, no one really cares what website you load. What people care about, is what you're looking at. Which is why screenshot accountability is so amazing--it focuses on what is looked at.
What alternative solutions exist
There are roughly three alternative solutions currently found on the App Store:
Solutions that leverage iOS backup services
These solutions work by having the iPhone backup data to a backup service--but the backup service is accessible by the accountability company and they're able to read the data and produce reports based upon it.
In general, these solutions are limited to the data that iPhone's send to the backup service. This can include things like:
- Messages sent through some apps, but not all
- Posts on some social media sites, but sometimes not direct messages
- Websites loaded through Google Chrome browser, but not Safari and most other browsers
This sort of solution does not report what you're looking at. It tends to focus more on what you're sending, images you are taking, etc. It typically works for some small subset of apps, and only captures a portion of what's going on within those apps.
Solutions that use a VPN and perform a man-in-the-middle attack to sniff your data
These solutions work by taking all of the internet traffic being sent from the iPhone, and sending it through a Virtual Private Network (VPN) owned by the accountability company. The accountability company then attempts to decrypt the data, likely by performing a man-in-the-middle attack.
In general, these solutions:
- Can report the website being visited, as well as the webpage title
- Struggle to report what's loaded from within apps
- Cause a lot of apps (a common one is Netflix) to not work properly, as the man-in-the-middle attack gets detected and the app's security standards refuse to load the content.
Solutions that use a custom browser
Now the most common solution, is one where the app provided by the accountability company is a custom browser that records what you do within that one app (whether as a screenshot, or just the website you visit) then builds a report around it. The primary issue with these solutions, is they don't track anything other than what you viewed within that one app.
These custom browser solutions are the most common and they're extremely easy to bypass. All the individual has to do is use a different app to load the pornographic content.
Now, you could block all other apps. But unfortunately you literally need to block ALL of them and basically take your $1000 smart phone and turn it into a $50 dumb phone. Why? Primarily because of WebViews (aka "hidden browsers").
WebView's are a building block provided by Apple to app developers, that allows the app developer to have the app load a website within the app. From the user's perspective, they're still in the app, but they're actually loading a website. The problem though, is the user can navigate to other websites from within the WebView. While it's not quite as easy as using a standard web browser, they can make it to social media sites or search engines and find pornographic content.
To make matters worse, WebView's are extremely common and found on a LOT of apps, including banking apps, healthcare apps, weather apps, bible apps, etc. Apps that you'd normally think were "safe". And it's not uncommon for apps that at one point in time didn't include them, to include one in an update.
Our Recommendation
Unfortunately, this leaves you with no bullet proof options for iOS. Truple's iOS solution isn't amazing, but it does work across the entire device, and works across all apps. If you really care about being held accountable though, and making it so there aren't any real loopholes, we'd recommend you consider switching to Android. We know this isn't what most people want to hear. But until Apple allows for decent accountability apps on iOS it's going to remain the best option for most people.