Work / Consumer Privacy

Resilient background services for screen-time control

Platform
iOS + Android
SwiftKotlinFamilyControlsAccessibilityServiceEd25519

Resilient background services for screen-time control

Consumer Privacy

Industry: Consumer Privacy

Platform: iOS + Android

Stack: Swift · Kotlin · FamilyControls · AccessibilityService · Ed25519

Description: Dual-platform native apps with Ed25519-signed requests and OS-level blocking through force-kill.


The engineering surface was a mirrored service layer across two platforms with fundamentally different background lifecycle models. Device-identity authentication used Ed25519 with RFC 8785 JSON canonicalization for byte-identical signature parity. The five-layer blocking evaluator runs as a pure function on both sides, executing identically in the main process, a background worker, an iOS extension, or an Android accessibility service. Force-kill resilience required a multi-layered approach on iOS — extension-process callbacks reading App Group cache — because background tasks do not survive user-initiated kill.

We owned both native clients — Ed25519 signing, schedule evaluator, cache stores, push-handler race resolution, and the OS-level enforcement bridge on each side. The client owned the REST API, Firebase infrastructure, and admin dashboard.

Engagement: 12-week build across three milestones · 2-engineer team (iOS + Android) · 2025.

Engineering signal: cross-platform Ed25519 signing verified against a shared test-vector corpus; system-level enforcement survives force-quit on Android and continues firing from extension process on iOS.

Talk to us

Working on something similar in consumer privacy?

Free first conversation. Written discovery report either way.