When Apple released iOS 13, there was a small but significant change to its operating system which impacts how push notifications and VoIP calls are handled. Prior to iOS 13, the Armour Mobile app securely dealt with incoming push notifications for all calls and messages. Armour Mobile would alert the user and present the appropriate interface, such as the voice/video calling screen. This would happen after first ensuring that the user was logged in to the Armour app and authenticated to see and receive the call.
The change in iOS 13, which was not well explained by Apple, forces apps to use the Apple CallKit user interface when answering an incoming call. For Armour Mobile, this forces us to compromise the user experience while we try to maintain the same level of security. Compared to our existing implementation, this change degrades the user experience.
Apple’s response has essentially been “Hard luck, you’ll just have to work around this because we’re going to force you to use CallKit.” Well, thanks for that helpful response Apple! Armour is not alone, the developers of many other voice apps are as unimpressed as we are at this needlessly clunky and restrictive approach by Apple.
User Interface Limitations
So what changes will our customers notice? Armour Mobile allows users to perform call functions that are not available in the CallKit interface, such as dynamically turning video on and off during a call. However, since only the standard CallKit interface can be displayed when handling an incoming call from the lock screen, Armour users will initially be presented with a limited subset of functionality.
An ‘Armour’ button will be displayed on the CallKit screen, but this requires users to notice the button and press it, to pass through to the normal Armour call screen. This is an unnecessarily cumbersome process that could have been avoided had Apple allowed customisation of the CallKit screen to match the needs of different apps.
Notification data security
Due to CallKit’s integration with the device and its native phone book and call logs, users might be concerned that secure calls would be logged in the native call logs, thereby exposing secure phone numbers and call information in these logs and also to other apps on the phone. Previous versions of CallKit have allowed our app to block this logging, so we expect this to continue, keeping secure call information discretely within the Armour app’s secure database.
However, we will monitor this situation carefully to try to ensure that any changes by Apple do not cause secure contact/call information to leak outside Armour Mobile.
Why Apple, why?
Apple has claimed that these iOS changes are aimed at improving battery performance by restricting background processing as much as possible. Most apps with a voice-calling component (e.g. WhatsApp, Facebook Messenger, Armour Mobile) attempt to keep running in the background where possible to allow the app to react as quickly as possible to incoming alerts, particularly for incoming calls.
It has been noted that many apps may have been using the push notifications to perform background data collection about the user (location, IP address, etc.) – which is clearly a potential privacy issue. In extremis, such push events could be used to initiate use of the phone’s sensors to invisibly ‘spy’ on the user, abusing the permissions inherently needed by such voice/video calling apps to use the microphone, camera, etc. At this point we feel we have to point out, explicitly, that Armour Mobile is specifically designed to protect a user’s data privacy, for example to only access the microphone or camera when the user has explicitly initiated a call and can clearly see that such a call is in progress.
Other voice app developers are tending to postpone switching to using CallKit for as long as possible due to the degraded user experience and Armour has also adopted this approach but Apple requires all apps submitted to the Apple Store from April 2020 to be compiled against the iOS 13 SDK, i.e. imposing CallKit on all such apps.
Secure communications (but maybe not quite as slick)
An important part of the Armour Comms design ethos is ease of use. We fundamentally believe that security when designed in rather than bolted-on need never compromise the user experience. So, these changes imposed on the user interface by Apple’s new CallKit constraints are deeply frustrating.
We apologise to all users of Armour Mobile however we simply have no choice but to comply with the forced changes imposed by Apple’s new CallKit. This will impose the need to upgrade not just the Armour Mobile app but also the infrastructure that supports it. In the meantime, we will continue to work to minimise any disruption to your user experience.
For more information please read our white paper “Apple’s changes to Push Notifications (APNS)” that explains all the changes in greater detail.