How secure is inter-app communication in iOS?

iphone security url-scheme
William Niu picture William Niu · Mar 29, 2011 · Viewed 8.7k times · Source

I have come across a few articles on inter-app communication on iOS, e.g. "2-way app integration on the iPhone: How it works", and "Apple Approved iPhone Inter-process Communication". Essentially they use custom URL schemes to communicate. My question is what are the security concerns if I were to pass some sensitive data, such as login credentials?

Answer

Claus Broch picture Claus Broch · Mar 29, 2011

Don't use URL schemes for any sensitive data. They are in no way designed to be secure.

Instead you should use the Keychain mechanisms in iOS which are designed for exactly this purpose.

Related questions

How do you monitor network traffic on the iPhone?

We are looking for a Wireshark-like tool to use on the iPhone to test a 3rd party application before partnering with the 3rd party. Any suggestions?

Read More
Lock-down iPhone/iPod/iPad so it can only run one app

We'd like to 'lock-down' an iPhone/iPod/iPad so that the user can only run one app (we've developed this app internally). I'm guessing we'd be looking at jailbreaking, and then replacing (?) the default Springboard app. Can we do this? …

Read More
Obscure a UITextField password

I am doing a login page. I have UITextField for password. Obviously, I do not want the password to be seen; instead, I want circles to show when typing. How do you set the field for this to happen?

Read More