CUPERTINO, Calif. - Apple discovered a bug in its iOS 13 and iPadOS which poses a potential security threat to users who have installed certain keyboard apps on iPhone, iPad and iPod touch.
The bug is related to third-party keyboard extensions, which can be designed to run all on their own so that they don’t need access to external services, but they can also request “full access” to provide additional features.
Apple discovered a bug that grants third-party keyboard extensions full access even when the user hasn’t specifically approved this access. This means the third-party keyboard extension can talk to other apps or get internet access, but it also allows the creator of the keyboard extension to see your keystroke data, which can provide them with your personal information, such as passwords.
“This issue does not impact Apple’s built-in keyboards,” Apple clarified in a statement on the issue. “It also doesn't impact third-party keyboards that don't make use of full access.”
Apple said that an upcoming software update will fix the issue.
You can check which third-party keyboard apps are currently installed on your phone that could be impacted by the issue by first opening the Settings app, then going to “General > Keyboard > Keyboards.”