Usage description for NSCameraUsageDescription - ios

Is a formal description of using permission enough to approve an app in the Add Store?
For example, is this option suitable:
This app requires access to the camera
... or should it be specified as follows:
This app requires access to the camera to take a picture for the profile or scan a QR code
It is rather difficult to describe in detail what this permission will be used for. For example, the camera can be used for many functions (take a picture, read a QR, record a video). At the same time, I would not want the app to be rejected due to the lack of a detailed description.

In general, they will not reject you if you keep your message like the first option. But what is written in the documentation of Apple about this is:
For each key, provide a message that explains to the user why your app
needs to capture media, so that the user can feel confident granting
permission to your app.
This message will be shown to the user and do you think the user will be happy with your explanation of why you need the camera permission.
This app requires access to the camera.
If this is not a well-known app I will reject this permission.
Much better is if you show something like this:
This app requires access to the camera to take a picture for the
profile or scan a QR code when you need it.
At the end of the day, you deciding how to build trust in your users.

It depends on the Apple reviewer's mood...
My app passed with a usage description similar to your first option, but later it was rejected, so go with the specified version.

Related

Apple keeps rejecting app with AdMob because of bluetooth notification string not correct

Since IOS 13 came to live old 3 party APIs stopped working, In my app i needed to fix few because of that so i needed to fit it to IOS 13.
Since then Apple keeps rejecting my app because of Bluetooth user notification is not correct.
I just don't know what to write there, It is so annoying. I have to add it because of AdMobs and there is nowhere to say what to write over there.
I don't user BT in my app, it is just the AdMobs beacons that needs it probably.
I've tried:
and
And i will probably will have the same issue with the calendar message also.
When i try to remove it they demand it and then not approving it.... I understand maybe the first one but what wrong with the the second one? why is that no clear enough for them?
10x
see apple docs below: https://developer.apple.com/design/human-interface-guidelines/ios/app-architecture/requesting-permission/
Explain why your app needs the information. Provide custom text (known
as a purpose string or usage description string) for display in the
system's permission request alert, and include an example. Keep the
text short and specific, use sentence case, and be polite so people
don't feel pressured. There’s no need to include your app name—the
system already identifies your app. For developer guidance, see
Protecting the User's Privacy.
you're not explaining exactly why you need access to bluetooth. you must be specific. saying, "XYZ app needs access to bluetooth to interact with beacons to serve you location based advertisements"
something like that should do. no cutting corners, no trying to put it off on Google, just say it like it is and you'll likely pass through app approval without a problem.

ITMS-90683: Missing Purpose String in Info.plist NSCameraUsageDescription

I upload my app in app store successfully.
App store send me an email like this:
App Store Connect
Dear Developer,
We identified one or more issues with a recent delivery for your app, "Kupona Online" 1.0.2 (1.2). Please correct the following issues, then upload again.
ITMS-90683: Missing Purpose String in Info.plist - Your app's code references one or more APIs that access sensitive user data. The app's Info.plist file should contain a NSCameraUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. Starting Spring 2019, all apps submitted to the App Store that access user data are required to include a purpose string. If you're using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required. You can contact the developer of the library or SDK and request they release a version of their code that doesn't contain the APIs. Learn more (https://developer.apple.com/documentation/uikit/core_app/protecting_the_user_s_privacy).
Best regards,
The App Store Team
To fix this error I put in Info.plist in Xcode 10.2.1 like in this:
but nothing happens. App store send me always this error.
How do I fix this error?
For NSCameraUsageDescription, Add the exact purpose of using camera in the Value column.
For example,
Folks are saying they're getting rejected even though they're not requesting access to camera. You have to know that Apple will scan your code with their static analysis tools. And even if you have this protected behind a feature flag, still the app store review process would reject your app. Because they don't know when you'll turn that feature flag on.
Additionally you could get this issue if a third-party service has a camera access related code in their code. Again even if you don't hit that line (of the 3rd party framework), you'd need that key in.
But then I've had issues where we've added that plist in, but then the app store review team was never able to test it out because the feature was protected by a feature flag. And because they couldn't test it, they didn't approve it ¯\ (ツ) /¯
Last but not least, if you did really need that key in your plist, then make sure its reasoning is generic enough to cover all cases e.g. If you need access to the camera for both take profile pictures and scanning QR code, then given that your app can request access for the camera at either the profile picture step or at scanning a PR code, then your description in the plist should cover both features, not just one of them. If you say "need access to take profile photos" then there is a chance that you could rejected if user hits the QR flow first but sees you're requesting access to take a profile photo. Hence you should say "need access to take profile photos and QR code scan for new devices"
tl;dr identify where in your app flow you're requesting access. If you need it then add its key/value in your plist. If you don't need it then comment out that line. You shouldn't just add the plist just for the sake of passing an app store review. It can fail but it can also succeed, while in a future release it would fail...
In the new version of IOS, apps accessing the camera trigger a dialog that will prompt the user to allow or deny permission for the app.
That's why you need to explain why the application is accessing the input device (Camera, Microphone, etc).
To do this, you need to edit your project Runner/info.plist file by adding the key and string description inside the dict tag.
<dict>
...
<key>NSCameraUsageDescription</key>
<string>My_app_name needs to access the camera to do x_thing.
</string>
<dict>
Or you can add it by opening your product in xcode the image below for more details.

How can I get identification string look like IMEI in IOS

My project have a case: one account user can only log on to one device ( if user log on to app in device A, user can't log on to app in device B). My Idea is: when user login, I'll get the imei Iphone (like android) and send it with request login to server. But I can't get imei. I try with UUID, but UUID will change when re install app. Keychain does not solve the problem. Please help me.
You have to use Keychain to store Unique Id , this will not change even if user delete app
You can use any wrapper Source code to do this
here is an example
https://github.com/Joe0708/KeychainUUID
At the beginning I'd like to mention that I do not know any method that directly answers your question, especially that Apple does not allow you to read IMEI and other similar stuff due to privacy concerns. This has been answered here.
The workaround might be as follows
Take a look at the UIDevice class, especially at the identifierForVendorProperty which provides you (according to documentation ) with a device specific value.
The value of this property is the same for apps that come from the same vendor running on the same device. A different value is returned for apps on the same device that come from different vendors, and for apps on different devices regardless of vendor.
As far as i know some financial apps are secured this way to permit only one device to access the account. This however requires registering a device each time application is reinstalled.
Alternatively you can use UUID you generate within your app (first run) and then you assign it for the user online. It might take the form similar to two step verification process. Be aware however that with such restrictions user will have to be online all the time to use your app.

Is there a way to extract user’s full name from HealthKit in Swift?

I am trying to build a fitness app and I would like to build the user’s profile within the app but I would like to make it as quick and easy as possible for the user. I am able to extract the users stats such as height, body mass, birth date etc from HealthKit but is there a way for me to extract the user’s full name since the ios health app has this on it’s profile page.
I have sifted through the documentation, but so far I haven’t found anything.
no there is no api AFAIC.
you can ask for addressbook access and read the 'me' contact
Well you could go through all the contacts in the AddressBook and see if any of them are marked with the owner flag.
Just be aware that doing this will popup the "this app wants access to the address book" message. Also Apple isn't very keen on these kind of things. In the app review guide it is specified that an app can not use personal information without the user's permission.
You will get the username like this:
var username = NSUserName()!
and you can use same user name for your app.
Yeah, I don’t want to meddle with the address book and freak the user out. I’ll probably just ask them to enter their name instead.

How do apps access your username / device name without the user explicitly providing it? (Example in description)

For example, the VLC app was able to somehow get my username (or device name?) without me ever giving it this info. Here is a screenshot that shows the VLC app greeting me by name in the app switcher. How is this possible if I never gave the app this information? Which API could it be using to obtain this info?
This is possible due to UIDevice class. It doesn't require permissions in order to get some basic system information, after all it's just your name (if you were to ask for location/health data/contacts/etc that would be something else and thus user permission is mandatory).
For more information refer to official documentation here https://developer.apple.com/documentation/uikit/uidevice
That's not VLC but rather iOS.
iOS suggests apps based on time and location of your device. The name is taken from your iCloud Account. VLC is not aware of that banner.

Resources