iOS: If you’re having trouble finding a good parental control app in the iOS App Store, there’s a reason for that: MDM, or Mobile Device management. According to Apple, apps using MDM “incorrectly” pose serious security risk, and so the company is cracking down—but what does this actually mean?
What is Mobile Device Management?
Mobile Device Management (MDM) is a general term for any technology that allows one device to be controlled and/or monitored by another remotely. Parental control apps on iOS often rely on MDM as a means for controlling screen time, applying content filters, and collecting usage reports, because it’s the only way to obtain device permissions for these kinds of activities. Otherwise, your everyday app on the App Store can’t control your device to this great a degree.
This isn’t some newly implemented technology. MDM has been present on iPhone for years now, with Apple overseeing MDM certification for its devices and even controlling all MDM-based actions on iOS apps.
So why is Apple now so worried about apps using this feature in a way it wasn’t intended? The company now claims that apps with MDM can leave your personal data vulnerable and open to exploitation by hackers, hence the purging of parental control apps from the App Store.
On paper, the move makes sense. If an unwilling person is tricked into installing a certificate from a less-than-stellar app, they’ve just given over the keys to their digital kingdom—a privacy breach Apple would very much like to prevent.
“MDM does have legitimate uses. Businesses will sometimes install MDM on enterprise devices to keep better control over proprietary data and hardware. But it is incredibly risky—and a clear violation of App Store policies—for a private, consumer-focused app business to install MDM control over a customer’s device. Beyond the control that the app itself can exert over the user’s device, research has shown that MDM profiles could be used by hackers to gain access for malicious purposes,” reads a statement Apple published last last month.
Developers (try to) fight back
Several developers with parental control apps now affected by the new MDM policy have responded to Apple’s claims, and their arguments highlight some inconsistencies with Apple’s reasoning.
One app, OurPact, uses MDM to allow parents to set screen time limits on their child’s devices. OurPact’s developers released a statement using Apple’s own MDM documentation to refute the alleged security risks. You can read the full statement here, but the gist of the argument is that since Apple controls the entire MDM review process for iOS apps, properly vetted apps should not pose any of the risks Apple is warning against. As well, OurPact has been open about what it does and how it does it:
“OurPact’s core functionality would not be possible without the use of MDM; it is the only API available for the Apple platform that enables the remote management of applications and functions on children’s devices. We have also been transparent about our use of this technology since the outset, and have documented its use in our submissions to the App Store,” the company’s statement reads.
Some have suggested Apple’s actual reason for removing these MDM-enabled parental control apps is to curb potential competition with iOS 12’s screen time feature. However, other reports point out that many of the apps were purged for various other violations unrelated to MDM, like the prohibition on creating “an App that appears confusing similar to an existing Apple Product, interface, app, or advertising theme.”
If you ask us, the whole this is a net loss for Apple’s customers, even though it is the security-minded approach to take.
What Apple’s purge means for you
Policy disputes between Apple and app developers are one thing, but the biggest concern for iOS users—especially for parents—is that parental controls/screen time apps are being removed from App Store.
This would be less of an issue if Apple provided developers with its own API for controlling screen time, but it does not. More importantly, many of the removed apps like OurPact, Kidslox, and Qustodio included features that iOS parental controls do not—such as filtering web content on non-Safari browsers and cross-compatibility with Android. Their absence leaves parents with fewer options for monitoring their child’s screen time (though there’s debate over just how effective screen time limits can be).
Hopefully, the outcry from developers and the feedback from users will force Apple to at least open up a discussion about the future of parental control on the App Store. For now, however, you might as well settle for using the parental control features built into iOS 12. They’re not as robust when compared to the rival apps, but it’s probably your safest bet for locking down your kids’ activities right now. It might soon be your only one.