Devastating News for DIY T1D Community — Apple Tries to Clamp Down on Distribution of Spike App
Note: Post contains updates. These are shown by asterisks. (*) A double asterisk (**) indicates a correction from original text.
On April 4th, 2019, the primary developer of the Spike App announced that Apple would be revoking the Enterprise Certificate for Spike in two days, rendering the current installation of the app useless for any current users. Spike is a 3rd party app used by thousands of diabetics and their loved ones to track blood sugar data from Continuous Glucose Monitors (CGMs) on iOS (Apple) devices such as iPhones and iPads. Prior to April 4th, Spike was distributed through the App Center platform, not via the official Apple App Store because of restrictions from Apple. With the developer certificate now revoked, distribution will no longer take place via App Center. All current users will have to reinstall the Spike app through the Ignition App Store. This version of the app is both more buggy and possibly less secure.
*The revoking of Spike’s developer certificate is part of a larger crackdown by Apple on third-party apps. This crackdown was reported on in February by The Verge. At this time there is no evidence that Spike was specifically targeted by Apple because it is a health-related app or for any other reason related to the app’s content.
*Since Apple’s crackdown, only actual corporations can obtain enterprise certificates for third-party app distribution. A valid D-U-N-S number (for corporations) is required. One possible solution from Apple could be to provide a separate license for non-profits like the Nightscout Foundation, which sponsored Spike’s previous certificate. However, a non-profit license is unlikely to happen given Apple cracked down on third-party apps in order to eliminate apps outside the App Store that were not created for use by companies. In contrast to internal corporate apps, Spike is available to the general public.
Users are already reporting bugs with the version of the app on Ignition. Miguel Kennedy, Spike’s creator, reported on the Facebook group that, “About 1/4 of users aren’t able to receive glucose readings inside the app when they lock their phones or switch to another app… [and] an unknown number of users are experiencing intermittent data loss when closing and opening Spike.” He finishes by stating, “I can’t be certain if there’ll be a solution or a way to solve them [the issues]. I’m doing my very best.”
Some users have questioned whether Ignition poses a security risk. The developer says there are, “No security issues because a certificate does not contain code, it doesn’t do anything to a phone, it just allows an app to run… Ignition has several certificates, if Apple revokes one certificate they just resign the apps with a new one…” **The Spike developers compile the app and send it to Ignition to obtain a trust certificate that will grant the app access to Apple devices that have trusted that certificate. In order for malware or other malicious code to be passed to the device, Ignition would need to obtain the source code (which they do not have), put the malicious code into the app, and distribute it with the certificate. Though not impossible, this seems highly unlikely.
*Interestingly, the level of access permissions in the Ignition-provisioned certificate is what is causing many users to experience bugs with the Spike app, especially when the app is closed or running in the background. The Ignition certificate does not have all of the necessary privileges for Spike, as is currently coded, to run without interruption.
Given these challenges, many Spike users may now be wondering if they should switch to an Android phone. The xDrip and xDrip+ apps are very similar to Spike and do not have the same distribution challenges. It is very easy to install 3rd party apps on the Android platform by simply downloading .apk files. However, switching from iOS to Android is not without time and monetary costs.
As an alternative to Ignition, some users have proposed that the app no longer be distributed as a compiled app on a platform. Instead users could compile the app themselves from open source code, which is the how users run the iOS-based open artificial pancreas system, Loop. However, there are licensing, coding, and other technical challenges to doing this. *For example, the developer estimates that the flash builder code editor and developer account would cost users $1000 each. Additionally, users would need to the compile the app from an Apple computer, which is both more technically-challenging and would create cost barriers for those without a Mac.
Accessibility of the Spike app is particularly important for Freestyle Libre users who want CGM capabilities. For them, Spike is the only good option. Freestyle Libre users have no way of receiving real-time alarms about high or low blood sugars without 3rd party transmitting devices such as a MiaoMiao or Bluecon. These devices must be connected to Spike or the Tomato app. Though Tomato is technically an alternative to Spike, it is known for being unreliable and has a 2.5 star rating in the App Store. *Tomato violates the Apple App Store terms of service and FDA regulations, but it still exists in the app store, possibly in part because it was developed by a Chinese company outside the United States.
Spike is arguably less critical for Dexcom users who can use the official Dexcom app. However, Spike offers much more flexible alarms, more advanced logging, and the ability to use sensors and transmitters easily beyond their official expiration dates. The ability to extend the life of sensors and transmitters is vital for those with poor insurance coverage or no insurance since the cost for the Dexcom G6 is $349 for a box of sensors and $475 for two transmitters at retail.
Because of its popularity, the Spike app has faced problems related to distribution before. In September 2018, with support from the Nightscout Foundation, Spike moved from being distributed by the TestFlight platform to App Center. This move was necessary because Spike reached the limit of 10,000 users on TestFlight.
Many outraged and confused posts have appeared in the Spike Facebook group, which has over 10,000 members. There is a petition asking Apple not to revoke the developer certificate so the app can continue to be distributed via App Center. The last lines of the petition text read, “Apple advocates to Think Different. Ok, prove it and show your diabetic customers that you are not without compassion.”