Snapchat has put its foot down. It officially closed the door on third-party apps, which it says violate its terms and put users' privacy in jeopardy. Snapchat's decision serves as a cautionary tale for developers looking to hop onto the bandwagons of others.
To be clear, Snapchat never released an API for developers. Researchers ferreted out the details of the company's private API a couple of years ago and described how to use it in an online security journal. Third-party developers later jumped on the opportunity to create apps for the ephemeral messaging service. Anyone accessing the API is doing so without Snapchat's permission.
"Given the popularity of Snapchat and the size of our community, it’s no surprise that a cottage industry of app-makers has popped up to provide additional services to Snapchatters," acknowledged Snapchat. "Unfortunately, these applications often ask for Snapchat login credentials and use them to send or receive snaps and access account information. When you give your login credentials to a third-party application, you’re allowing a developer, and possibly a criminal, to access your account information and send information on your behalf."
Snapchat's worst fears were confirmed when one such app was compromised and leaked some 90,000 photos and videos -- including nudes of underage kids.
Shortly thereafter, Snapchat began to clamp down on third party apps. In a blog post, Snapchat detailed its efforts to delete third-party apps from the iTunes App Store and Google Play Store, respectively. It also asked its users -- nicely -- to stop using third-party apps. Well, they didn't.
The company was forced to take a much harder line in November. "We’ve enjoyed some of the ways that developers have tried to make Snapchat better. Unfortunately, some developers build services that trick Snapchatters and compromise their accounts. We want to prevent that from happening in our community. We will [begin to] notify Snapchatters when we have detected that they may be using third-party apps and we'll ask those Snapchatters to change their password and stop using unauthorized apps." Later, it followed up that policy by blocking third-party apps and disabling the accounts of those who used them.
Snapchat took its strongest stance yet this week when it changed the way its API works. It has fortified the API in such a way that no third-party apps will work with Snapchat. Further, users will not be able to use older versions of Snapchat, the company is forcing all users to update to the newest version. Users were quick to take to Twitter to vent their frustrations.
"We never wanted third-party apps on our platform,” said Snapchat engineer Tim Sehn to Medium. “We have created a product where it is more critically important than ever before that we control the end user experience. Almost every security issue we've had since I’ve been here has been related to API abuse. We’ve made commitments to our users."
Obviously this puts a damper on the hopes and dreams of developers looking to hitch their own success to Snapchat's wagon. Some might criticize Snapchat for its stance, but protecting users is its responsibility. You can't fault the company for that. It should serve as a bit of a wake-up call, though, for developers poking around in non-public APIs. Companies that don't offer public APIs likely have a good reason for keeping developers out. Until Snapchat decides to let developers in, best to leave it alone. There are plenty of open APIs out there.