When you install a wallet or pass app, iOS asks for permissions: the camera, your photos, notifications, maybe your location. Each prompt is a real choice, and knowing what every permission does lets you grant only what an app actually needs to work.
A pass app should need very little. Here is what each permission means, which ones a scanning app genuinely uses, and how to review them later in Settings.
The permissions a pass app may request
Not every app asks for all of these, and a well-behaved one asks only for what it uses. Here is the full list you might see.
Camera
Used to scan a card or barcode directly. This is the one permission a scanning app truly needs, and it only sees what you point it at.
Photos
Used to import a screenshot or photo of a barcode. iOS lets you grant access to selected photos only, rather than your whole library.
Notifications
Optional. Some apps use it for pass updates or reminders. Denying it does not stop you from adding or showing a pass.
Location
Used to surface a card near a store. Convenient, but also trackable data, and a pass creator rarely needs it. Apple Wallet handles pass relevance at the system level.
Tracking
The App Tracking Transparency prompt asks to track you across other apps and websites using your advertising ID. A privacy-first app does not request it.
Watch the tracking prompt
Limited photo access is your friend
When an app asks for your photos, iOS gives you three options: allow selected photos, allow full access, or deny. For importing a single barcode screenshot, selected photos is usually all you need. The app sees only the images you pick, not your entire camera roll.
How NeatPass uses permissions
NeatPass is built to ask for as little as possible. It uses the camera to scan a card, and if you would rather import an existing image, it uses photo access, where selected photos is enough. It does not ask to track you across apps, and it needs no account at all.
The scanning itself runs on your device with an on-device AI model, so your card images are not uploaded to a cloud. A signing server receives only a cryptographic hash so the finished pass can be added to Apple Wallet, which is why the accurate phrasing is no accounts and no cloud uploads rather than no servers. The privacy FAQ lays out exactly what stays on your phone, and there are six import methods so you can choose how much access to grant.
Add cards with only the permissions you choose
NeatPass makes it easy to convert any ticket, pass, or loyalty card to Apple Wallet.
How to review and change permissions
You are never locked into your first answer. iOS lets you change any app's permissions at any time.
Open Settings
Check each permission
Tighten what you do not need
Once a pass is in Apple Wallet, it does not depend on the creating app's permissions at all. It shows its barcode offline, straight from Wallet, and the barcode data is preserved so it scans at the register like the original.
Common questions
Try a pass app that asks for less
DownloadGrant only what you need
Permissions are not all or nothing. A wallet app should run on the camera alone, with photo access as a convenience, and it never needs to track you to add a card. Review the prompts, keep photo access limited, leave tracking off, and your cards still land in Apple Wallet exactly as they should.
