wait, did I just read that correctly? lol
Absolutely. Third party on-screen keyboards and even the standard Android/Google keyboards have been the source of multiple vulnerabilities.
My brother helped a guy reset his Android tablet that he was completely locked-out from. The vulnerability that allowed it was in the default on-screen keyboard.
As for privacy, it's very clear. Apple has demonstrated extreme reluctance or refusal to concede to NSA / CIA backside access demands. The "Secure Enclave" is one of the more effective personal privacy mechanisms developed by a consumer electronics company.