|
|
|
|
|
|
by divad12
4714 days ago
|
|
|
We have seen fraudsters reinstall an app over and over, each time signing up with a new email and a new stolen credit card after their previous account was shut down. A persistent device ID allows our clients to block a new signup from a fraudster that is from the same physical phone the fraudster has used before. (This greatly increases the cost of committing fraud, by forcing the fraudster to root their phone or use a new phone each time.) |
|
|
The ability for apps to correlate across their own re-installations has fewer privacy implications than general UDID/MAC access, so perhaps Apple may allow it at some point. To achieve it, Apple could just change the documented behavior of the identifierForVendor property so that it no longer resets when all the vendor's apps are deleted. Apple's implementation could be done several ways (such as by stashing the per-device, per-vendor ID along with the App Store's Purchased Software data, or by generating it algorithmically from a hash of UDID/MAC plus vendor ID). But regardless, Apple perhaps sees app re-installs that start fresh and anonymous as a good thing.