Snapchat blocks third-party apps from accessing its APIs
Snapchat has had its fair share of data breaches and security troubles, the latest of which stemmed from the fact that the app’s internal API has been reverse-engineered and is used by a number of third-party mobile apps.
While Snapchat expressly forbids the use of third-party apps to send and receive snaps, the reality is that, until recently, it couldn’t enforce that ban.
This lead to the “Snappening,” an incident that resulted in the leaking of an archive of tens of thousands of snaps and videos stored by the creators of SnapSaved, a third party site that allowed Snapchat users to save those messages without the sender’s knowledge.
But, according to Jad Boutros, Snapchat’s director of information security, things have changed.
The service’s APIs have been recently “fortified,” making third-party apps not work as advertised; the company is working with Apple and Google to boot apps that violate Snapchat’s terms of service from their app stores; and, finally, the company is set on locking accounts of users who insist on using third-party apps (they are first warned to stop doing it).
They have also changed their privacy policy to say that it’s impossible to prevent recipients from saving sent snaps: “You should understand that users who see your messages can always save them, either by taking a screenshot or by using some other image-capture technology (whether that be software or even something as old-fashioned as a camera to take a photo of your device’s screen). If we’re able to detect that a recipient took a screenshot of a message you sent, we’ll try to notify you. But the same common sense that applies to the Internet at large applies to Snapchat as well: Don’t send messages that you wouldn’t want someone to save or share.”
The company has recently expanded its bug bounty program, and last week they released their first transparency report.