Privacy & Legal Concern: App Access to File System for Jailbreak Detection

Hello Apple Community,

I’d like to raise a concern regarding privacy and legal implications around what app developers are allowed to access on iOS devices.

I’ve observed that some banking and financial apps perform checks during launch to determine whether the device is jailbroken. They appear to do this by checking certain filesystem paths (such as /var/...)—presumably to detect unauthorized modifications.

My question is: How is this kind of access to the file system permitted by Apple without explicit user consent? These apps are able to probe parts of the system or file structure that I, as the user, have not authorized them to access.

More importantly:

• Is it legally compliant with Apple’s App Store guidelines and global privacy standards (e.g., GDPR, CCPA)?
• Shouldn't apps be required to request user permission before accessing or checking anything outside of their sandbox?
• Is this not considered an overreach—allowing apps to gather system-level data that could indirectly reveal information about how I use my device or what is installed on it?

I have at least two apps installed that perform these types of checks, and their behavior can be debugged and traced. For reference, here is a link that demonstrates this issue:

NBB Digital banking

KFH Bahrain

I am seeking clarity from Apple or the community on whether such behavior aligns with Apple’s privacy policy and what limits are in place to protect users from potentially invasive background checks by third-party applications.

Thank you for your time and insights.

[Edited by Moderator]