Why we built the clipboard safety check

The moment we realised we'd missed something obvious

That email sat with me for two days. Not because it was urgent, but because I realised Guard was incomplete. We'd launched with a permission dashboard. We showed users their risk scores. We let them revoke permissions straight from iOS Settings. But we weren't telling them about clipboard access, which is arguably the sneakiest permission on any phone.

Clipboard access is different from, say, location or contacts. Those permissions show a clear prompt when an app asks for them. Your phone tells you: this app wants to know where you are. Most users see it, grimace, and decide whether they care. The clipboard is quieter. An app can read what you've copied - your passwords, your bank details, your search queries, your medical information - without showing up on any dashboard. Without asking. Without warning.

I pulled together the team and we looked at what we were actually showing people. The 12 common apps in the Free dashboard. The risk scores. The deep-links to Settings. None of it addressed the clipboard. We were telling people their phone was exposed, but we were only showing half the story.

What clipboard access actually means

Most iPhone users have no idea their clipboard exists as a security surface. It's not like location or Bluetooth, where iOS gives you explicit controls. You copy something. It sits there. Any app can read it whenever it wants, for as long as your phone is on.

The scale of it hit us when we started researching. Apps use the clipboard to scrape data. Some do it intentionally; others do it as collateral damage from poorly written code. A dating app might grab your clipboard to auto-fill a profile link. A shopping app might read it to check if you've got a coupon code copied. A social media app might grab whatever you just pasted to see what you're sharing. None of these behaviours require permission prompts. None of them show up in Settings.

What does show up, if you're on iOS 16 or later, is a paste notification. You see a banner at the top of the screen: App X pasted from your clipboard. For most people, that notification appears and disappears so fast they barely register it. And by then, the damage is done. Your data has already been read.

Building something that actually helps

Adding the clipboard safety check to Personal Pro wasn't about being clever. It was about filling a gap that mattered. We needed to show users which of the common apps they'd installed could be accessing their clipboard, and we needed to make that transparent enough that they'd actually understand the risk.

The feature works by walking through the apps in your device and showing you which ones have a pattern of clipboard access. We're not reading your clipboard ourselves, we're not installing a background monitor; we're showing you which apps you've let onto your phone that historically read clipboard data, and we're being honest about the frequency and behaviour.

Then, like everything else in Guard, we let you act on it. If you see an app flagging for clipboard behaviour you don't like, you can revoke its permission right from Guard. You can also choose to keep an eye on it, to get real-time alerts if that app changes its permission profile.

Why this matters more than people think

The clipboard thing is a bellwether. It reveals something true about how most of us use our phones. We trust the apps we download. We see them on the App Store, they have reviews, they look legitimate, so we tap install. We don't sit down and read their privacy policies. We don't know which permissions they actually need. And we certainly don't know they're capable of reading our clipboard in the background, silently, every single day.

Guard can't change the fact that iOS allows this. Apple's design choices are what they are. But we can make it visible. We can show you the apps on your phone that are reading your clipboard, and we can give you the tools to stop it. That's what the clipboard safety check does.

Since we added it to Personal Pro, it's been one of the most used features. Not the most downloaded, necessarily, but the one where people actually take action. They see their banking app, their email client, or their messaging app flagged for clipboard access, and they realise they want to know about it. They revoke permissions. They pay attention.

The bigger conversation

What I've learned from building Guard is that people want clarity more than they want hand-holding. They don't need us to tell them what to worry about. They need us to show them what's actually happening on their phone, and then trust them to decide. The clipboard safety check came from that realisation. We weren't trying to be alarmist. We were trying to be honest.

Your phone collects a lot of data. Some of that collection is obvious; most of it isn't. The permissions dashboard shows you the obvious stuff. The privacy risk score tells you which apps are asking for the most sensitive access. But the clipboard? That's the invisible layer. Apps read it and leave almost no trace. Until you know to look for it, you don't see it happening.