When you want to install a new tool or game on your iPhone, you go straight to the App Store to do so — but it's not the only place you can get apps from. Some developers use back alleys to get their apps to you, while others can trick you into installing them without giving it much thought. This can lead to malicious software running on your iPhone, software you'll want to get rid of asap.
In recent news, TechCrunch uncovered that Facebook was abusing Apple's Developer Enterprise Program, a platform that lets businesses distribute unreviewed apps to employees and sign certificates. Typically, this program is used to let workers test in-progress apps being developed before sending them up for App Store review, just like with the regular Developer Program, and it can be used to give workers mobile tools that the companies don't want available to outsiders. For an example of the latter, Google uses a Gbus app for employees only to request rides.
Facebook essentially suckered teenagers and adults into installing a data-collecting VPN app for "market research" purposes in exchange for $20 each month. Adults signed up right away while kids needed permission from their parents. They'd install a Facebook Research provisioning profile that included permissions to funnel TLS traffic through its VPN tunnel, as well as a root CA certificate that basically let them collect encrypted traffic coming to and from the iPhones for anything that was happening, not just Facebook related tasks. Any app's web use was recorded.
Although Apple is known for its stringent App Store guidelines that restrict vetted applications from harvesting data, the Developer Enterprise Program has virtually no oversight on any of the apps that are distributed using the certificate licenses it gives companies for $300 annually. And as for root certificates, Apple allows many on iOS 12, and it's blocked a few as well.
Facebook isn't the only culprit abusing certificate licenses. For another big name example, Google was doing the exact same thing as Facebook, using a root CA certificate to grab any data going to and from the device for deep packet inspection. And while "trusted" root certificates are the biggest things to worry about, there are regular certificates as well as configuration profiles with or without them.
Anonymous program participants were using the Developer Enterprise Program to distribute porn and gambling apps, and shady developers took advantage to hand out cheating-based versions of popular apps such as Pokémon Go and Angry Birds, as well as pirated versions of paid apps like Spotify and Minecraft.
Unapproved app stores such as TutuApp, Panda Helper, AppValley, and TweakBox, as well as beta-testing platforms BetaBound, uTest, and Applause (which Facebook used), all require a profile installation, usually with a certificate (not necessarily a root one). The same goes for the apps they distribute, as well as solo apps found online. These profiles are easily installed just by tapping on a link in Safari.
The data unapproved apps can siphon off your iPhone is near limitless with a root certificate, but that's not the only thing you have to worry about. Regular CA certificates and profiles can do just as much damage. When using apps that require a profile installation, even if you were unaware of what you were installing, they may ask you for payment details or passwords, something you shouldn't be so quick to give up.
Hackers and other malicious users could use social engineering to get you to install other configuration profiles, which house the certificates, that can include payloads for completing tasks such as creating new email accounts, serving you advertisements and pop-ups wherever you go, or exfiltrating data. And while VPN tunnels are of great concern, hacker's exploits could grab your personal data using a proxy server, changing APN settings, and using man-in-the-middle attacks.
For instance, there have been many related reports by users over the years where a website or email asked them to install a profile and certificate to get access to a weather widget, email app, or some other harmless-sounding feature, which in turn gave the profile permission to create new email accounts, redirect you to malicious websites, and serve ads.
Apple uses its own program to distribute iOS beta software to developers and public beta testers, who then install a profile and certificate combo, and it's safe to say you can continue using those betas if you enjoy getting new features before everyone else. There are also services such as FreedomPop, which use these certificates to adjust APN cellular settings on your iPhone to provide free or low-cost data. Xfinity and LinkNYC use profiles to help users connect to public Wi-Fi hotspots.
Developers can also issue apps they're working on to a limited number of devices in their network before going through Apple's vigorous review process for App Store distribution. Companies, schools, and other places that hand out iPhones or iPads can employ Mobile Device Management profiles on supervised devices. Those profiles can do things such as block iOS updates, block other profiles from being installed, prevent certain apps from running, and even automatically trusting root CA certificates.
And then there are tools like Cydia Impactor which can be used to sideload IPA files for helpful apps such as Kodi, and they use your own Apple ID account information to give the apps permission to run. You could even use the Apple Configurator 2 utility to create a your own configuration profile to do things such as customize app icons on your iPhone without jailbreaking, which doesn't even require a signing certificate.
Don't know if you've downloaded a profile with a root or regular certificate on your device? Luckily, it's easy to not only check but also to remove them from your iPhone. First, to check if you have any trusted root CA certificates, go to Settings –> General –> About –> Certificate Trust Settings.
If there are any here, they'll appear under the "Trust Store Version." If they're green, they're running right now. Root certificates here that were deployed via Apple Configurator or Mobile Device Management are automatically trusted. You can toggle it off to disable it, but that won't delete it, so you'll want to view the next section for that.
To view any existing profiles and/or certificates on your device, go to the Settings application, tap on "General," and scroll down to "Profile/s." If there is not "Profile/s" section, you have none installed. If you do see it, tap on it to view them.
On this page, there can be three different types of profiles, each which can include provisions for settings on your device as well as certificates. They are configuration profiles, mobile device management, and enterprise apps.
Inside the profile, you can see who it's signed by and a short description of it. In some cases, it may not be signed at all, such as when you use Apple Configurator 2 to build a custom profile for yourself.
If you tap on "More Details," you can see what's inside the configuration profile, which usually includes a "signing" certificate and sometimes permissions to adjust things such as internal settings, cellular configurations, VPN information, etc. You can tap on the certificates to view more information about them.
In my example for the TweakBox profile, there's a regular CA certificate titled "Apple Worldwide Developer Relations Certification Authority." This is not a root certificate, but it's still something I don't need.
To delete the profile and certificates, go back to the profile view and tap on "Remove Profile." Enter your passcode when prompted, tap on "Remove," and the root certificate will be removed from your device. Doing this will also remove all permissions given in the first place, should wipe all settings changes by the profile, and will remove or force connected apps from working.
For enterprise apps, select the profile, then tap "Delete App," followed by "Delete App" on the pop-up. This will remove the app and enterprise profile. You can also delete an enterprise app on your home screen like any other app, and it will also remove its profile unless the profile has more than one enterprise app attached to it.
With the profile and/or certificates deleted, your private information, such as web activity and secure transactions, can no longer be accessed by the organization you got it from or tricked you into installing it.
This article was produced during Gadget Hacks' special coverage on smartphone privacy and security. Check out the whole Privacy and Security series.
Keep Your Connection Secure Without a Monthly Bill. Get a lifetime subscription to VPN Unlimited for all your devices with a one-time purchase from the new Gadget Hacks Shop, and watch Hulu or Netflix without regional restrictions, increase security when browsing on public networks, and more.
Buy Now (80% off) >
Other worthwhile deals to check out:
- 41% off a home Wi-Fi analyzer
- 98% off a learn to code bundle
- 98% off an accounting bootcamp
- 59% off the XSplit VCam video background editor
To manually remove an installed certificate, go to Settings > General > Device Management, select a profile, tap More Details, then tap the certificate to remove it.How do I remove a profile from my iPhone? ›
Go to Settings > General > Profiles or Profiles & Device Management,* then tap the app's configuration profile. Then tap Delete Profile. If asked, enter your device passcode, then tap Delete.How do I clear apple certificates? ›
- Launch Settings from your Home screen.
- Tap on General.
- Tap on Profile. (If you don't see Profile it means you have nothing.
- Tap on the profile you want to delete.
- Tap Delete profile.
- Enter your passcode if prompted.
- Tap Delete to confirm.
- Click the "Start" button, type "certmgr. msc" and press "Enter" to launch Windows' certificate manager.
- Double-click "Untrusted Certificates" from the right pane and then "Certificates."
- Right-click the certificate you wish to remove and select "Delete."
- Click "Yes" in the confirmation window.
You would usually remove a certificate if you no longer trust a source. Removing all credentials will delete both the certificate you installed and those added by your device. Go to your device Settings. In Settings, navigate to Security and Location.Why do I keep getting Security certificate warnings? ›
An SSL certificate error occurs when the browser cannot verify the SSL certificates returned by the server. When the error happens, the browser blocks the website and warns the user that the website cannot be trusted as shown below. These warnings will negatively impact the user's trust in your website.What happens if you remove profile on iPhone? ›
If you delete a profile, all of the settings, apps, and data associated with the profile are also deleted.How do I manually delete a profile? ›
- Click Start, right-click My Computer, and then click Properties.
- In this System Properties dialog box, click the Advanced tab.
- Under User Profiles, click Settings.
- Click the user profile that you want to delete, and then click Delete.
- Open your device's Settings app.
- Tap System. Multiple users. If you can't find this setting, try searching your Settings app for users .
- Tap the user's name.
- Tap Remove guest. Remove. The user will be removed from the list.
If you use S/MIME to sign or encrypt email messages, you should not delete your personal certificate, even after it expires. Doing so would cause you to permanently lose access to those messages.
This option allows the quick removal of all user-installed trusted credentials from the device, leaving only the system-installed certificates.How do I view certificates on my iPhone? ›
If you want to turn on SSL/TLS trust for that certificate, go to Settings > General > About > Certificate Trust Settings. Under "Enable full trust for root certificates," turn on trust for the certificate. Apple recommends deploying certificates via Apple Configurator or Mobile Device Management (MDM).Why does a certificate keep popping up on my iPhone? ›
This type of pop-up is an information warning that suggests that something is wrong with the certificate chain-of-trust that secures communication between your iPad and your email provider's servers - the certificates providing verifiable cryptographic elements that secure your internet communications.How do I disable certificates? ›
- Open your Settings, select Security.
- Choose Trusted Credentials.
- Select the certificate you'd like to remove.
- Press Disable.
You can install certificates, commonly referred to as configuration profiles, on your iPhone for various reasons, such as for changing the Access Point Name of your mobile Internet connection or for connecting to an encrypted wireless network.What happens if you remove all certificates on phone? ›
Important: Removing certificates you've installed doesn't remove the permanent system certificates that your phone needs to work. But if you remove a certificate that a certain Wi-Fi connection requires, your phone may not connect to that Wi-Fi network anymore.What can certificates do on Iphone? ›
If you tap on "More Details," you can see what's inside the configuration profile, which usually includes a "signing" certificate and sometimes permissions to adjust things such as internal settings, cellular configurations, VPN information, etc. You can tap on the certificates to view more information about them.Why is my network being monitored? ›
Google added this network monitoring warning as part of the Android KitKat (4.4) security enhancements. This warning indicates that a device has at least one user-installed certificate, which could be used by malware to monitor encrypted network traffic.How do you avoid certificate warnings? ›
- Using the default certificate.
- Generating a unique certificate.
- Downloading the certificate.
- Applying SSL inspection to a policy.
Why SSL Certificates Aren't “Hacker Proof” When it comes to protecting your customer's information an SSL certificate plays a crucial role. Encrypting their data in transit can help it from being intercepted by attackers along the way. With that being said, however, this doesn't protect the origin.
- Navigate to the Secure Certificates page.
- To the right of your domain, click the Settings button.
- The current certificate displays on this page.
- To the right, click the Add New Certificate button.
- On this page, select which type of certificate you'd like to change to.
- Launch the Settings app.
- Scroll down and tap General.
- Tap iPhone Storage.
- Scroll down and tap on the app that you want to remove.
- Select Delete App at the bottom of the screen.
- Tap Delete App to confirm your decision.
When you remove an account, everything associated with that account is also deleted from your phone. This includes email, contacts, and settings. Important: You're using an older Android version.How do I remove accounts personal content and activation locks on my iPhone? ›
Go to Settings > General > Reset > Erase All Content and Settings.How do I disable a profile and delete it? ›
- Click the Settings app when it appears in the search results to open it. Open Windows' Settings app. ...
- Click on Family & other users from the menu bar running along the left-hand side of the Settings window. You'll find all of your computer's user profiles in this menu. ...
- Click Remove.
- CONTROL PANEL > SYSTEM AND SECURITY > SYSTEM > ADVANCED SYSTEM SETTINGS (from the menu on the LEFT) .
- Click SETTINGS button in the USER PROFILES section. .
- Click on the user that has issues and click the DELETE button (note that you can not delete the profile you are using)
- On the device, tap Settings. Accounts. ...
- At the top, tap Remove work profile. Delete. ...
- If needed, enter your phone's pattern, PIN, or password. If you see an error message, your organization might not allow you to remove your work account from mobile devices.
- Step 1: Go to Settings. Open your iPad or iPhone and navigate to the Settings app. ...
- Step 2: Go to VPN and Device Management. ...
- Step 3: Remove Management. ...
- Step 1: Download the Software. ...
- Step 2: Connect Your Device. ...
- Step 3: Go to Toolbox. ...
- Step 4: Deactivate your Phone. ...
- Step 1: Download and Install 4uKey.
To completely remove any trace of your account from your device at this point, then as above, head to your Android settings, go to Settings > Accounts and locate your Google account. Click “Remove Account” and confirm to fully remove it.How do I get rid of device Manager on my phone? ›
In your phone, select Menu/All Apps and go into the Settings option. Scroll down to Security and select Device administrators. Click to untick the PCSM MDM option and select Deactivate.
Yes. A certificate may advance an individual's career by providing special expertise. Certifications aid in career advancement by demonstrating expertise. Depending on the field and level, a degree can lead to career advancement.Is it good to have certificates? ›
Having a certification can also help you gain credibility in your professional career. If you're a freelancer, for example, many companies prefer to work with professionals with certifications from recognized programs, because it shows your commitment to your craft.Are certificates important? ›
The importance of certifications starts right from the academic journey in the initial stages. You get certificates as proof of completing your school education, high school, college, and university education. Furthermore, certificates help you find jobs with employers you want to work for or showcasing your abilities.What security certificates should be on my phone? ›
- Open Settings.
- Tap “Security”
- Tap “Encryption & credentials”
- Tap “Trusted credentials.” This will display a list of all trusted certs on the device.
- Select Run from the Start menu, and then enter certmgr. msc. The Certificate Manager tool for the current user appears.
- To view your certificates, under Certificates - Current User in the left pane, expand the directory for the type of certificate you want to view.
Change your settings for trusted computers
If you don't want to trust a computer or other device anymore, change the privacy settings on your iPhone, iPad, or iPod touch. Go to Settings > General > Transfer or Reset [Device] > Reset > Reset Location & Privacy.
In the Keychain Access app on Mac, select a keychain, then click either the My Certificates category or the Certificates category to see the certificates in that keychain. Select the certificate you want to view, then click the Info button in the toolbar. You can also double-click the certificate you want to view.How do I view a certificate encryption? ›
- On the File tab, click Options.
- In the left pane, click Trust Center. ...
- In the left pane, click Email Security.
- Under Encrypted e-mail, click Settings.
- Under Certificates and Algorithms, click Choose.
- Click the certificate that you want, and then click View Certificate.
Screen design may be different depending on the version of Windows or Internet Explorer. Select [Tools] – [Internet Options]. Open the [Content] tab and click the [Certificates] button. Select your certificate and click [Remove].What is the purpose of a certificate? ›
Certifications are designated credentials earned by an individual to verify their legitimacy and competence to perform a job. Your certification is typically displayed as a document stating that as a professional, you've been trained, educated and are prepared to meet a specific set of criteria for your role.
Digital certificates (or simply certificates) are electronic files that uniquely identify people and resources on the Internet. Certificates also enable secure, confidential communication between two entities.Why is there a Certificate Authority installed on my phone? ›
It means that someone installed a public certificate that your phone will trust for all secure (mostly Web) operations like you entering your banking password. Whoever holds the corresponding private certificate can create on-the-fly fake certificates for any domain on the Internet.Why do I keep getting a certificate error on my iPhone? ›
One of the most common reasons for certificate errors is when your device's or computer's date & time are incorrect. Luckily, this is an easy fix. Check your iPad, iPhone or iPod touch's date and time by going to Settings > General > Date & Time. we recommend toggling on Set Automatically instead of entering manually.Is the virus warning on my iPhone real? ›
Apple security pop-ups are tools fraudsters use to trick you into thinking your iOS device has contracted a virus, been hacked, or been compromised in some other way. The threat isn't real, and scammers simply seek to gather personal and financial information to defraud you.Where are certificates stored on iPhone? ›
On iOS, certificates are stored in the publisher keychain. On Android, they are stored in the system keychain.How do I get a certificate off my phone? ›
- Open your phone's Settings app.
- Tap Security Advanced settings. Encryption & credentials.
- Under "Credential storage": To clear all certificates: Tap Clear credentials. OK. To clear specific certificates: Tap User credentials. Choose the credentials you want to remove.
If you want to turn on SSL/TLS trust for that certificate, go to Settings > General > About > Certificate Trust Settings. Under "Enable full trust for root certificates," turn on trust for the certificate. Apple recommends deploying certificates via Apple Configurator or Mobile Device Management (MDM).Will my iPhone tell me if I've been hacked? ›
How Apple's threat notifications work. If the company suspects that someone has hacked into an Apple device, it will notify the user in two ways. First, Apple will display a Threat Notification at the top of the page when a user visits and signs into appleid.apple.com.Is my iPhone hacked? ›
How can I tell if my iPhone has been hacked? The easiest way to tell if your iPhone has been hacked is by running a full device scan with top-tier antivirus security software. This will check your iPhone for any suspicious apps or activity and alert you to any unusual behaviors that may have gone unnoticed.How do I check my iPhone for malware? ›
Since an iPhone cannot have a true virus there is no way to scan for one. If your iOS version is up-to-date (currently iOS 15.5) and you have not jailbroken your iPhone or side loaded apps you have no risk of malware either.