Apple p12 and Provisioning File Share Safety - ios

So, I have a private Apple Developer Account and there's one guy that told me that he wants to "rent" my p12 certificate and mobileprovision file to distribute his app. (I'm also confused about why he doesn't just buy a developer account himself instead of renting one from someone.)
I have read this and this, but I'm still unsure about what kind of danger there is in sharing those files and what risks can come from this action. What's inside the p12 certificate and mobileprovision file? Can someone explain? Thank you!

The biggest "risk" is "one guy" can upload apps to the App Store as you. It is very likely that "one guy" can't get their own ADC account because they already had one and burned it on violating Apple's developer agreement. For example, they may have uploaded a trivial app that, unbeknownst to the phone's owner, burns the phone's battery mining bitcoin to send back to "one guy". Now they can't get another ADC account without either finding a willing dupe (in this case "some guy" hopes it is you, but you have been critical enough of his false claims to figure out what is going on...congratulations!).
Alternately, "one guy" may be absolutely innocent of vile intent, and just doesn't know how easy it is to get their own developer account. It is too hard to tell if that is the case though, which means you still shouldn't share theirs. After all, the potential cost to you of sharing the cert is high, and the benefit is low. Also, if they resist getting one of their own when you explain how easy it is, the chances go up that they have ill intent.
(Also, if by "private Apple Developer Account" you mean the personal accounts that don't let you upload to the App Store, someone can upload IPA files, your provision file, and "side loading instructions" to get apps that would never pass App Store review onto other people's phones until Apple notices it and shuts down your account. Not exactly the same "attack", but definitely something of negative value to you!)
Good luck!

Related

Itunes Connect App transfer

You can only transfer apps that aren’t using Passbook IDs, certificates, or notifications.
Every time I try to transfer my app, I get the above message in iTunes Connect.
I have not used any Passbook ID, certificate or notifications in my app.
Any help or suggestions?
Honestly, the easiest way if you run into problems is to call up iTunes Connect telephone support. Someone can help you do it over the phone.
U.S. and Canada English
+1 (800) 633-2152 Toll-free from the U.S. and Canada.
Other English
+1 (408) 974-4897 International charges may apply.
Check the app settings in Apple Developer. While you might not have actually coded anything, you might have ticked the wrong box when you set the profile. If you did, that might explain it.
An alternative, which you'll need to check with Apple (sorry), would be to rename the app. Once done, then you might be allowed to use the name in the new entity.
If the app has been submitted for app store review, or if you have released it in the past, you might need to submit another copy in the new name. If/when approved, the old name, at least in theory, should become 'available'. Then, change the code signing, and submit via the new entity.
Good luck!

Set password on app and give password to specific people making the app private?

The B2B program Apple has isn't available in my country and I'm looking for another way to give my apps to a business privately so that only that business or the people in it can use the app. I was wondering, is Apple OK with me putting a password on my app so that anyone can download it but only someone who knows the password can use it?
You're not allowed to publish an app that targets only a certain group of users, say the Apple guidelines for publishing on the App Store. With that password restriction you're against that rule.
Now, that being said, you could buy an enterprise developer account and simply use the Over-the-Air system, if you're aware of how it works.
If not, look at my brief description here: https://stackoverflow.com/a/26043004/3603502

Do contract/vendor developers need to be added to your developer account

I work with a lot of contractors and vendors for mobile app development. They usually ask me to add them to my account and add their device IDs. If they have their own Apple Developer account, I don't think this is necessary. Are they able to just use their own while developing?
We have an Enterprise account with Apple. We don't do the whole UDID exchange thing for test builds. We build for Enterprise distribution. (We do that because we have hundreds of test devices in geographically dispersed locations.) I do give them those signing credentials. Is that enough for a developer to work with?
We deploy the apps ourselves so they don't need credentials for that. They can send us archives to sign.
It really depends on what you want. Truly, the developer's ID should be put under the company account for them to push and also do different security signing measures or app-to-app talking. However, for the rather simple applications this is not necessary maybe around 70% of the time. Something else to think about is who is doing deployment; if you are having a developer or contractor do it for you, then absolutely they need your account credentials. As for the device IDs, there is no getting around that. You need to add their devices or buy them some, because otherwise they are stuck developing on the simulator, which does not at all simulate how the application will behave in real life for various reasons.
Hope this helps.
As long as you are responsible for submitting the app to the app store I can't think of a technical reason why developers should be unable to contribute to your app without being invited to join your developer program.
There may however be other concerns or limitations. For example being granted access as a "Member" role is a good way to confirm that you, the client, have accepted Apple's license agreements around pre-release software. Using a certificate issued by your organization to sign builds may also reduce the need to juggle app ids, particularly when testing in-app purchases, and therefore reduce the chance of mistakenly checking in such changes and confusing the team.

How To Protect Developed Applications for iPhone, etc. from Reselling

I have developed an Application for iPhone.
In some countries, there are some places you can go, give your iDevice and they will install any App/Apps on it much, much cheaper (for 1$ for any App).
How do they do that? - They simply legally buy an Application once and then synchronize the "customer's" iDevice with their Account. I think it's illegal to resell...
So my questions are:
Which steps can I take as a developer to protect my Application from being illegally shared?
Does Apple do anything against that? Because Apple purchases are account related.
EDIT: I forgot to mention that the application is free; the products must be bought within the Application (In-App Purchase) and will be downloaded after purchase from another server.
One solution could be, if it was possible to get the UDID of the device and "account-id", I could limit downloads to, let's say, 5 devices. I read that, starting with iOS5, it isn't possible to get the UDID, or is it? And is such a limitation against Apple Rules?
I could limit download, let's say, for 5 devices [...] is such limitation against Apple Rules?
Refer to Fernando's answer for your UDID question, but this is absolutely against the developer agreement. Your in-app-purchase needs to be restorable on any devices that user owns. It is somewhat unlikely, of course, that a user owns more than five iDevices, so if you want to take your chances you can. That said, I know of instances where Apple have come down on people who tried to limit apps 'per device'.
if it was possible to get UDID of device and "account-id" I could limit download, let's say, for 5 devices
If by 'account-id' you mean the iTunes username that downloaded/bought your app, then no, it's not possible. You don't have access to any information about the purchaser, I'm afraid.
The companies I worked for so far refrained from doing such restrictive DRM because it's more possible that you will harm a customer by mistake than you get anything. Don't waste your time implementing this.
You don't simply get people to buy your stuff by annoying them. People that get your app this way in general can't be convinced to buy.
But if you must do it, here's a workaround to have a unique device identifier after iOS5:
https://github.com/gekitz/UIDevice-with-UniqueIdentifier-for-iOS-5

change ownership of Personal Apple Developer account

I hope somebody can help here, it's an ongoing issue with no obvious solution.
The background
I created my own personal apple developer account back in 2010 to tinker about with iOS development. The company I worked for at that time asked me to write an app as a test to see if we could a) write an app and b) sell it. It so happens both cases were true and the app has flourished into a successful venture.
The issue:
I am leaving this company and we are trying to figure out how I can give them this app. They did after all still pay a salary while I was making the app, so I consider it their app really, only it's tied to me and my personal developer license. I currently forward any funds it makes to them each month.
We contacted Apple and they suggested the company I work for set up a company developer account and then ask for an app transfer. This sounded great and we started the process, but then it occurred to me that re-signing the app under a different developer license would effectively kill the existing app on the store. All our ratings would be wiped (and there are quite a few), which is unacceptable. The ratings of an App are extremely important to its success on the store. Apple confirmed that the ratings and reviews do not get transferred across. We stopped.
So, here I am at this block again.
The company I work for even suggested buying my personal account off me so they can run it themselves, but I am worried about this; it seems fraudulent as I am the one responsible for contracts on that account and any issue would come back to me. They wouldn't be able to change the owner "name" on the account either, from what I have read.
Any suggestions how we can resolve this?
Thanks
Geoff
it occurred to me that re-signing the app under a different developer license would effectively kill the existing app on the store.
This is false. As long as you transfer the app like Apple suggests (you need to contact them for this), the company just needs to submit a new version from their account and it will work. You don't lose your ratings, nothing. It all gets transferred to the new account including the iTunes Connect side of things. They can sign it with a different certificate and submit. As long as the app ID is the same as before (which it will be), there is no problem.
It sounds like you have old or inaccurate information, because I know somebody who did a transfer like this, and they kept all the ratings etc.
I have faced this same issue. After contacting Apple several times, we concluded that there was no other choice, so we removed the app and re-uploaded it again on the other account.
Not only has the rating been wiped, but also users with the old app will not be able to update it when you push a new version to the App Store.
It's a very tough decision, but we had no other choice.
