Popular iOS keyboard SwiftKey disables sync feature after data leak is discovered

Posted:
in iPhone edited July 2016
Microsoft-owned SwiftKey, a popular predictive keyboard available on Apple's iOS, has suspended part of its service after it was discovered the app was leaking user data to complete strangers.




Created by three Cambridge students and acquired by Microsoft for $250 million earlier this year, SwiftKey uses artificial intelligence to make predictive suggestions when a user is typing. To accomplish this, SwiftKey learns how a user communicates, the unique words or phrases they use and saves them in a database.

Thanks to the company's online sync options, users can also have their database synced across multiple devices, ensuring the keyboard works the same regardless of which device they're currently using.

However, SwiftKey's sync functionality has been sharing a little too much, offering suggestions and predictions based on the information of complete strangers, according to The Telegraph.

One user was reportedly surprised to see a stranger's email suggested by SwiftKey when she was typing in the keyboard, while another was apparently offered suggestions in a language they had never used.




Given the sensitive nature of information that is often typed into a keyboard -- such as names, phone numbers, email addresses and even credit card or banking information -- these revelations have raised serious concerns about the safety and integrity of the data SwiftKey uses, especially for individuals in professions where confidentiality is imperative.

In a post on the company's blog, SwiftKey acknowledged the issue, stating that "the vast majority of SwiftKey users are not affected."

"While this did not pose a security issue for our customers, we have turned off the cloud sync service and are updating?our applications to remove email address predictions," the company said. "During this time, it will not be possible to back up your SwiftKey language model."

Comments

  • Reply 1 of 19
    65026502 Posts: 380member
    Exactly why iOS switches to the native keyboard for password entry.
    sockrolidjbdragonration alindyfxdysamoriamagman1979nolamacguyanton zuykov
  • Reply 2 of 19
    sflocalsflocal Posts: 6,092member
    If Apple did this, it would be world headlines, with everyone demanding Tim Cook's head on a platter.  But no, since it's someone else... it barely registers a fart in the wind.
    rich gregorysockrolidjbdragonindyfxpscooter63magman1979nolamacguybadmonkanton zuykov
  • Reply 3 of 19
    Time for them to cut some more jobs!
    nolamacguy
  • Reply 4 of 19
    noivadnoivad Posts: 186member
    Now I’m glad the SwiftKey’s Keyboard layout wasn’t conducive to using proper punctuation, & I removed it before trusting it.
  • Reply 5 of 19
    sockrolidsockrolid Posts: 2,789member
    Microsoft-owned SwiftKey, a popular predictive keyboard available on Apple's iOS, has suspended part of its service after it was discovered the app was leaking user data to complete strangers. ...
    Quick fix: change the name to SwiftKeyLogger.
    pscooter63bonobobnoivadmagman1979nolamacguy
  • Reply 6 of 19
    lkrupplkrupp Posts: 10,557member
    This is what happens when you venture outside the Walled Garden.
    dysamoriamagman1979
  • Reply 7 of 19
    hexclockhexclock Posts: 1,244member
    Ahhhhh Microsoft. Will you ever win?
    Embarrassing. 
    ration aldysamoriabrakkennoivad
  • Reply 8 of 19
    hexclockhexclock Posts: 1,244member
    noivad said:
    Now I’m glad the SwiftKey’s Keyboard layout wasn’t conducive to using proper punctuation, & I removed it before trusting it.
    Punctuation whats that 
    dysamoriatshapinoivadcommand_f
  • Reply 9 of 19
    mtbnutmtbnut Posts: 199member
    If Microsoft owns Swift Key, then who owns Word Flow?

    Oh wait, Microsoft owns both.

    Redundancy is okay for servers and, according to MS, apps!
    edited July 2016
  • Reply 10 of 19
    TomETomE Posts: 172member
    Sometimes is helpful, but when it thinks for me and frequently puts words that are not what I intended, it makes me have to ready very closely.  It also requires me having to spend more time correcting the wording than it did to write it originally.  I have been thinking I should turn this feature off and now I have made my decision.
  • Reply 11 of 19
    mcdavemcdave Posts: 1,927member
    So you can learn by other people's mistakes.
    brakkenpscooter63nolamacguy
  • Reply 12 of 19
    noivadnoivad Posts: 186member
    hexclock said:
    noivad said:
    Now I’m glad the SwiftKey’s Keyboard layout wasn’t conducive to using proper punctuation, & I removed it before trusting it.
    Punctuation whats that 
    I dunno who didn’t like this comment, cuz I thought it was funny. good job.
  • Reply 13 of 19
    magman1979magman1979 Posts: 1,292member
    This is why I NEVER have, and NEVER WILL, trust third-party "smart" keyboards! This is basically an open invitation to having all your writings captured, because you never know when the backend will be hacked, cause the companies are usually never forthcoming on such a breach, and with the power of the A9 in the iPhone 6S, stuff like this should, and can, be done locally on the device now, not on the cloud.

    lkrupp said:
    This is what happens when you venture outside the Walled Garden.
    Well put! People against this are idiots as far as I'm concerned, especially in this day and age!
  • Reply 14 of 19
    badmonkbadmonk Posts: 1,286member
    Isn't this that "superior AI of MS, Alphabet and Amazon" that Wall Street gets excited about?
  • Reply 15 of 19
    gatorguygatorguy Posts: 24,178member
    This is why I NEVER have, and NEVER WILL, trust third-party "smart" keyboards! This is basically an open invitation to having all your writings captured, because you never know when the backend will be hacked, cause the companies are usually never forthcoming on such a breach, and with the power of the A9 in the iPhone 6S, stuff like this should, and can, be done locally on the device now, not on the cloud.

    lkrupp said:
    This is what happens when you venture outside the Walled Garden.
    Well put! People against this are idiots as far as I'm concerned, especially in this day and age!
    Here's a security summation (and explanation of Apple's involvement) of who sends everything you type to a cloud server and who doesn't for those who have no idea about it. Surprisingly Google is in the "doesn't" category FWIW. 
    https://zeltser.com/third-party-keyboards-security/
    edited July 2016
  • Reply 16 of 19
    magman1979magman1979 Posts: 1,292member
    gatorguy said:
    This is why I NEVER have, and NEVER WILL, trust third-party "smart" keyboards! This is basically an open invitation to having all your writings captured, because you never know when the backend will be hacked, cause the companies are usually never forthcoming on such a breach, and with the power of the A9 in the iPhone 6S, stuff like this should, and can, be done locally on the device now, not on the cloud.

    Well put! People against this are idiots as far as I'm concerned, especially in this day and age!
    Here's a security summation (and explanation of Apple's involvement) of who sends everything you type to a cloud server and who doesn't for those who have no idea about it. Surprisingly Google is in the "doesn't" category FWIW. 
    https://zeltser.com/third-party-keyboards-security/
    Always the Google apologist... While it remains to be seen if Google ACTUALLY doesn't send anything you type to the cloud, as they've been caught breaking their own terms of service many times before, the third-party keyboards supplied by many of the OEM's, and all those keyboards on the App Store, sure as hell send data to the cloud.

    So thanks, but no thanks...
    anton zuykov
  • Reply 17 of 19
    6502 said:
    Exactly why iOS switches to the native keyboard for password entry.

    Also exactly why I never switch to any other keyboard for anything else!
    edited August 2016
  • Reply 18 of 19
    gatorguygatorguy Posts: 24,178member
    gatorguy said:
    This is why I NEVER have, and NEVER WILL, trust third-party "smart" keyboards! This is basically an open invitation to having all your writings captured, because you never know when the backend will be hacked, cause the companies are usually never forthcoming on such a breach, and with the power of the A9 in the iPhone 6S, stuff like this should, and can, be done locally on the device now, not on the cloud.

    Well put! People against this are idiots as far as I'm concerned, especially in this day and age!
    Here's a security summation (and explanation of Apple's involvement) of who sends everything you type to a cloud server and who doesn't for those who have no idea about it. Surprisingly Google is in the "doesn't" category FWIW. 
    https://zeltser.com/third-party-keyboards-security/
    Always the Google apologist... While it remains to be seen if Google ACTUALLY doesn't send anything you type to the cloud...
    Remains to be seen? Followup security research verified it. Read the article again. 
    singularity
  • Reply 19 of 19
    6502 said:
    Exactly why iOS switches to the native keyboard for password entry.
    And exactly why I don't use third party keyboards at all.
Sign In or Register to comment.