Loupe: open-source iOS app shows exactly what apps can fingerprint about you

Loupe is a free, open-source iOS and iPadOS app that demonstrates the device-fingerprinting surface available to any third-party app. It reads live values from the same public iOS APIs that trackers use and displays them raw, with explanations of how each signal helps an app re-identify a user. The core message is that recognition doesn’t require a name, email, or location — individually weak signals like locale, time zone, screen characteristics, and battery state combine into a stable fingerprint that persists across apps and websites.

The app sorts readings into three tiers based on how hard they are to obtain. Passive signals are exposed silently to any app with no permission prompt. A second tier covers data that triggers an iOS consent dialog, such as contacts, photos, and location. The Advanced tier highlights side-channel tricks built on public APIs — probing installed apps via canOpenURL URL schemes, and using the Keychain to persist identifiers across reinstalls. Everything stays on the device; nothing is uploaded, hashed, or synced unless the user explicitly exports it.

Notably, the developers say Loupe was written almost entirely with AI coding tools, and the macOS build is nearly complete. The project comes from Mysk Research, who use it as a soft promotion for Psylo, their privacy-focused browser offering proxy-backed browsing, tab isolation, and anti-fingerprinting defenses. The practical value is educational: it makes an abstract privacy threat tangible by letting users see their own device’s exposed attributes firsthand.