Security News > 2023 > July > Apple Sets New Rules for Developers to Prevent Fingerprinting and Data Misuse

Apple Sets New Rules for Developers to Prevent Fingerprinting and Data Misuse
2023-07-29 05:30

Apple has announced plans to require developers to submit reasons to use certain APIs in their apps starting later this year with the release of iOS 17, iPadOS 17, macOS Sonoma, tvOS 17, and watchOS 10 to prevent their abuse for data collection.

The iPhone maker said it's making the move to ensure that such APIs are not abused by app developers to collect device signals to carry out fingerprinting, which could be employed to uniquely identify users across different apps and websites for other purposes such as targeted advertising.

The policy enforcement, which goes live in Fall 2023 and also extends to visionOS, will require developers submitting new apps or app updates to declare the reasons for using these "Required reason APIs" in their app's privacy manifest.

"Regardless of whether a user gives your app permission to track, fingerprinting is not allowed," Apple explicitly cautions in its developer documentation.

"Your app or third-party SDK must declare one or more approved reasons that accurately reflect your use of each of these APIs and the data derived from their use."

"You may use these APIs and the data derived from their use for the declared reasons only. These declared reasons must be consistent with your app's functionality as presented to users, and you may not use the APIs or derived data for tracking."


News URL

https://thehackernews.com/2023/07/apple-sets-new-rules-for-developers-to.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349