Avivah LitanApple’s rejection of applications that access the iPhone or iPad unique identification number, UDID, will only drive adoption of alternative measures. There are plenty around – not that they are as strong and absolute as the UDID, but they are, in many circumstances, ‘almost as good.’
These identifiers include other hardware IDs like the MAC address or even more appealing, ‘clientless’ device identification now pervasive in the desktop and laptop world, and used extensively in fraud detection. Also known as ‘PC fingerprinting’, an application on the server grabs whatever it can in terms of unique characteristics from the device accessing the server without loading anything on that device.
Far from perfect, fingerprinting a device has worked very well in the desktop/laptop world and should evolve to the same state in the mobile world over time. It has been effective in catching fraudsters since the bad guys can’t delete endpoint tags such as cookies in this scenario.
From a privacy protection standpoint, the Apple policy should go further to preclude all the workarounds. Otherwise, you have to wonder what their bottom line motivation and thinking is.
Category: Uncategorized Tags:
1 response so far ↓
1 Apple’s UDIDs – Rejected for App Developers? « Enterprise & Government Authentication Blog - Entrust Insights March 29, 2012 at 10:55 am
[...] recently read two interesting posts on this subject — one from GigaOM and another from Gartner’s Avivah Litan. Both posts talk about Apple’s recent rejections of apps using the UDID (unique identification [...]