Apple’s rejection of applications that access the iPhone or iPad unique identification number, UDID, will only drive adoption of alternative measures. There are plenty around – not that they are as strong and absolute as the UDID, but they are, in many circumstances, ‘almost as good.’
These identifiers include other hardware IDs like the MAC address or even more appealing, ‘clientless’ device identification now pervasive in the desktop and laptop world, and used extensively in fraud detection. Also known as ‘PC fingerprinting’, an application on the server grabs whatever it can in terms of unique characteristics from the device accessing the server without loading anything on that device.
Far from perfect, fingerprinting a device has worked very well in the desktop/laptop world and should evolve to the same state in the mobile world over time. It has been effective in catching fraudsters since the bad guys can’t delete endpoint tags such as cookies in this scenario.
From a privacy protection standpoint, the Apple policy should go further to preclude all the workarounds. Otherwise, you have to wonder what their bottom line motivation and thinking is.
Read Complimentary Relevant Research
Predicts 2017: Artificial Intelligence
Artificial intelligence is changing the way in which organizations innovate and communicate their processes, products and services. Practical...
View Relevant Webinars
How to Protect Mobile Apps
Securely enabling applications on corporate- or employee-owned devices is key to protecting enterprise data from misuse. From containers...
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.