Parental control apps present by today install special MDM profiles onto your child’s devices to be able to function. However, MDM-based apps are known for and putting your children’s privacy and security at risk. Read this overview to learn the dangers you might run into by using old-style parental control apps utilizing MDM profiles.
They take control over your child’s device
Originally, MDM was intended to be used by companies to manage employees’ work devices, but today it is being misused by parental control apps.
Once you install the third-party company’s MDM onto your child’s phone, the phone starts following the commands of this third-party company, which can remotely manage many different aspects of device use.
Some parental control apps require a computer for a setup. They do it to set up the child’s device as supervised by this third-party company to provide broader, more advanced parental controls.
However, through this advanced type of MDM profile, a third-party company gains significantly riskier control over the child’s device and acquires the technical capability to remotely:
- Erase your device
- Shut down and restart the device
- Install and update apps without your approval
- Force autonomous “Single App Mode”
- Block the “Find My” app and disable “Lost mode”
- Block camera
- Block screenshots and screen recordings
- Many other commands and restrictions
All these actions may be performed remotely without touching your device so that you might be entirely unaware of them. Furthermore, only this company can unenroll your device from their MDM solution, or you can do it only by wiping your device data completely.
Child’s sensitive data is compromised
MDM installed in your child’s device compromises your child’s privacy allowing these third-party companies to see child’s sensitive data like
- Child’s phone number
- Apps installed on child’s devices
- Device serial number
- Device model name and number
MDM-based apps also install VPN profiles to provide device usage statistics in most cases. However, this VPN profile compromises a child’s privacy even further. VPN profile installed on a child’s device allow these companies to see sensitive data like:
- App usage. They know what app, when and how long your child is using it.
- Visited websites. They know what your children search for and what sites visit.
Your device may be hacked and data leaked
All this child’s acquired data is routed and can be stored at a third-party company’s servers.
It is perilous since their servers might get hacked or data leaked. Hackers may gain access to MDM and VPN providers’ servers to manipulate with malicious purposes. For example, through MDM remote commands, they might destroy all your data on the device and leak or sell acquired child’s sensitive data to advertising companies.
MDM commands at supervised devices may be performed remotely, without your approval, which makes you completely unaware of terrible things happening.
How does Grace not compromise a child’s privacy?
Grace is built on the new Apple’s Screen Time API and doesn’t install any MDM and VPN profiles.
We can’t access any child’s data. We don’t see apps installed on a child’s device, app usage, or browsing history. We don’t have access to perform any dangerous activities like erasing the phone.
How does Grace work
We send an app token to iOS that blocks the app on-device. We operate on app tokens only so that Grace doesn’t know what app we block, when, and how much a child spends on each app.
We send a website’s URL to iOS as a rule to filter bad websites, and the device automatically restricts it once the child tries to access this site. So Grace doesn’t know when and what sites your child visits.
Every restriction is performed on the device.
We believe that a child’s privacy is essential, and only the parent or guardian has the right to access the children’s data and manage their devices.