Apple rolled out iOS 13.1 and iPadOS earlier today, which should fix some of the bugs found in the pretty rocky iOS 13.0 release. But the company is already warning customers about another bug it hasn’t gotten around to resolving just yet.
As detailed in this support article, Apple says that third-party keyboards installed on iOS 13 and iPadOS might be able to gain “full access” even if you haven’t authorized this. Keyboards with full access can send data to the internet, and that could potentially include whatever it is you’re typing. TechCrunch first reported on the bug.
Apple plans to fix the bug “soon” in an upcoming software update. iOS 13.2 has already entered beta testing, so, presumably, the patch will be included whenever that is released to all iPhone customers.
Popular third-party keyboards include Google’s Gboard, the Microsoft-owned SwiftKey, and Grammarly. If you use one of them, it’s fairly likely that you’ve already granted full access, as these keyboards often request it to provide additional features. If that’s the case, there’s not much of anything to worry about here. But if you’ve purposely avoided granting full access, you might want to temporarily delete third-party keyboards. And it should go without saying, but don’t install alternate keyboards that you don’t trust.
Crucially, Apple prevents third-party developers from recording your passwords by always switching to the default iOS keyboard in password fields even when you’re using something like Gboard for everything else.
With iOS 13 and iPadOS, Apple took another step in catching up to third-party keyboards by finally added a swipe method of inputting text. The company calls its take on this feature QuickPath.
You can check if you’ve got any third-party keyboards installed by going to Settings -> General -> Keyboard -> Keyboards -> Edit.