[brianpan]

> help me feel its a legit login

Inside a native app, that's all it would be. A feel good, since I could create the browsery chrome to look however I wanted (e.g. a URL bar that shows twitter.com when the page is mycredsharvest.com).

[tesseract]

Or for that matter, display the actual twitter.com page and keylog the credentials. It's a native app, after all.

[bruceboughton]

In theory, Apple could develop some unique chrome for this and then reject any app from the app store that fakes it. That is probably the only way to do this securely with good UX in a mobile app. It's not clear that Apple wants to take on that role though.