Apple has been urged to change the way in which iPhone apps are granted access to the phone's camera after a security researcher demonstrated how apps can secretly record photos and videos without the user knowing.

Felix Krause, an Austrian developer who works for Google, built an app that was able to take pictures of its user every second and upload them, without notifying the user. He called it a "privacy loophole that can be abused by iOS apps".

When an app wants to access the camera, for example to scan a credit card or take a profile picture during the set-up process, the iPhone user must give the app permission, in the same way that apps must ask to access the camera roll, location and contacts and to send notifications. Once allowed, it has to be turned off via the settings menu.

The system is similar to the permissions required by apps on Android. Google has recently deleted several apps that surreptitiously recorded users and masqueraded as legitimate apps.

But Krause said that once an app has been granted initial access, it can take photos and videos whenever it is opened up. Unlike on Mac computers, which have a small green light next to the camera when it is being used, there is no indication that an app is recording videos or taking photos, or when it sends them elsewhere.