I am working on an enterprise app and need access to programmatically retrieve the device's serial number. Is there an API or any documentation on how to retrieve this in iOS 8? From what I can tell, this functionality has been removed in iOS 8.
Is there a suitable replacement identifier for the serial? I need something that is reliable and will never change even if the device is reset.
It will be for enterprise usage so App Store approval is not a concern.
You're up a creek here. The two "tracking" features are Advertising Identifier and Identifier for Vendor. The former can be reset within the Settings app quite easily while the latter will reset once the user uninstalls all apps with the root bundle identifier associated with the app suite. Both also change with a device reset of course.
If you're deploying the app with an MDM solution you will have access to that device's UDID as it still flows forward to MDM servers, you just can't access it programmatically in your code. The complete deprecation of UDID, serial number and MAC address (even with private APIs) stomped all over some custom utilities I wrote within our Enterprise to try and accomplish something similar to what you're looking to do. If you find somethingthats consistent I'd love to see the follow-up!
EDIT:
I had an epiphany while circling back to this situation again. If you are in fact using AirWatch (I can't speak to Mobile Iron, etc) you can setup the console to send a keychain value to each device at the time of app install. From there the app will be able to consume the value AirWatch sends down. The same goes for any attribute that AirWatch harvests for the device (serial, UDID, MAC, etc). While this workaround comes with a big caveat (using AirWatch for deployment) it will work. Since Apple neutered all Serial Number work arounds win iOS8 this is the most viable option I have found.
Related
I am planning on using DeviceCheckor indentifierForVendor to ensure that the same device is not being used to redeem multiple times the same gift (free money for example sake) offered to new users. I am wondering however, if it is possible to trick this system on a jailbroken device? Or using a custom simulator or a botnet (do iOS botnets exist?)?
I haven't tried it myself, but I think it is possible to change the bundle identifier, resign the app and side load it to your device.
This will change the change the identifier for both DeviceCheck and indentifierForVendor.
Now, for this to really affect you, the user needs to get a hold of the ipa. Which is getting increasingly difficult with the newer versions of iOS.
If you are interested in trying what I've discussed, refer to this link.
https://coderwall.com/p/qwqpnw/resign-ipa-with-new-cfbundleidentifier-and-certificate
And probably AirSign (much easier). Its a paid app for the Mac. https://www.macupdate.com/app/mac/51845/airsign
I'm aware if the following methods, each which has it'd flaws
UDID
Advertising Identifier
Vendor ID
The problem with UDID is that its deprecated and doesn't even work as of ios7, problem with other two is that the user can change them via software reset of phone or reinstallation of app
Another interesting solution I found is to randomly generate one yourself and then save to keychain to avoid deletion upon app reinstallation however would this work across software resets? And surely there's a very small chance that two devices would randomly generate the same ID?
I think the best option might be to use UDID but I would like to know if, even though the UDID is incorrect as of ios7, is it still unique?
Yet another option is MAC address but as far as I know, there is no API for these
Please advise on the best option
Starting iOS 7 deducing MAC address isn't possible. You can, however, use below:
[[[UIDevice currentDevice] identifierForVendor] UUIDString]
Per Apple Documentation:
The value changes when the user deletes all of that vendor’s apps from
the device and subsequently reinstalls one or more of them. The value
can also when installing test builds using Xcode or when installing an
app on a device using ad-hoc distribution. Therefore, if your app
stores the value of this property anywhere, you should gracefully
handle situations where the identifier changes.
I'm building an in-house app that is distributed via the AirWatch app catalog. The app always runs with Guided Access enabled and all devices running it are managed by AirWatch. My questions are regarding auto-update:
Is there a way that AirWatch can force the update immediately or as soon as the device comes back online, without asking for the user's input? If so, how does the app being open affect this behavior? How does guided access being enabled affect this behavior?
Is there a link from AirWatch, perhaps an itms-services:// link, that the app can call to install the new version if a web service had indicated that it's no longer the latest version? If so, how does Guided Access being enabled affect this behavior?
Is there any other good model for remotely updating the app that will spread the update as quickly as possible and under the above conditions? The solution can be using MDM or a custom web service or both combined.
Thanks a lot for your help!!
If your devices are running iOS7 and you have your app Deployment settings set to "Auto" (as opposed to "On-Demand") the device will automatically take the update once it processes the APNs notification to do so. If the device is locked/offline it will typically check for outstanding APNs messages within a minute or so of being unlocked or coming back online.
What I don't know is since your app is in guided access mode if you're receiving a pop-up to install the new version. I've seen previously where if the app that requires an update is open iOS will prompt. What we have done to battle this is embed a check in the app that phones home to see if the app is current. If the app is NOT current the user can't do anything until they update their app.
Regarding a direct-link to the App Catalog to update the app that might get tricky with guided access enabled. Before you even try to tackle that issue understand that the app catalog webclip URL contains the UDID of the device as of AW7.1 (I think). Since the UDID is no longer programmatically accessible code-side AirWatch allows you to push the UDID upon app installation in the Deployment/Application Configuration section. You can embed {DeviceUid} into the key share on the device which will make it accessible for that applciation, hence allowing you to create the appropriate App Store URL within your app.
Good luck
honestly I didn't work with AirWatch. But I don't think that Apple provides a way for automatic update of ad-hoc or enterprise apps.
Well, I can describe a solution for an enterprise app I developed last year. Hope it will help you somehow.
First of all, I made it as a part of our secure website. (a little test flight)
Here's how app update works
When the app launches it sends special request to a server asking if
it is outdated and a new app version is available. (+ servers sends
url for new version installation (with itms-services://))
Then
if update is required, app fires alert with description of new
version, if user taps update, the app opens Safari where the user
is able to install a new version.
We made to different kinds of alert, optional (minor version change) and compulsory(major version change). With later variant user is unable to get rid of alert view, so he has to update the app.
You can update your internal app through the AirWatch Console and applications versioning.
I never used it but I imagine that at the end of the new version process, there is a way to push the updated app to the related devices. If the Push Mode is set to Auto, the user won't have to do anything and the app should be updated. If it is On Demand, the use will have to initiate the process from the App Catalog. From for the latest option, you have the solution to send a notification to the user.
It is also possible to retire or inactivate older versions to only keep the newest one.
If you have access to AirWatch Online Documentation, I recommend you the page Using Add Version for Applications. If you don't, contact your administrator and ask for all the pages located in Mobile Application Management -> Internal Applications and the page Using Add Version for Applications.
You should try it with a single device though ;)
I'm working on the development of a "check-in" type app for my iPad repair company. I'd like to enforce that a pass code is removed so I have full access to diagnose the device. This could be either removing a passcode programmatically or just providing instructions on how to remove a passcode and refusing to allow the repair request to be submitted without ensuring it was removed by the user. Preferably, I'd like to be able to do this in Swift but Obj-C is fine.
I would be working directly with schools and businesses as my main customers so I would be using an enterprise development account. No worries about App Store reviewers getting their messy hands on my API calls.
Currently all of my prospective customers are using an MDM with deployment functionality so that part should be a breeze.
There is no API to remove passcode from a iOS device. But you can use one of the Mobile Device Management tool to remote wipe the device to reset the passcode.
In our applications the user autentications is based on the serial number.It seems that in ios 8 it is not possible to get the serialnumber.Is any other way?
Thanks in advance.
Apple deprecated access to a unique-per-device UUID (known as uniqueIdentifier as of iOS 6. As of iOS 7, they also blocked access to MAC querying the address, and other sorts of unique identifiers. Sometime between iOS 6 and today, they started rejecting any application that accesses this property.
There are two replacement APIs that might help: on UIDevice, there is identifierForVendor, that is consistent across your apps. And there is also an entire framework, AdSupport, who's job is to provide an identifier that can be used for advertising networks. This identifier has the limitation of people can change it whenever they want, so you cannot rely on it being consistent across multiple launches.
The hint Apple is trying to pass on here is "you cannot consistently, uniquely identify people per device across multiple apps that are not your own".
In addition to zadr excellent explanation I would like to not iCloud as another possible solution:
Simply store a value (as file or key-value) in iCloud. Only disadvantage of this approach is, that you will have to add the iCloud entitlement to your app if your app does not use iCloud yet. On the other hand there are some advantages
Very little / none additional effort necessary if your app already uses iCloud
No additional Frameworsk like AdSupport necessary
The saved value will be consistent between devices and app re-install
More than one app can share the ID by using the same iCloud (ubiquity container)
Of course in some cases this might be a little overdone but in other this can be a handy solution.
I would recommend using uniqueIdentifier as suggested above but saving in keychain. This way its reliably available to you all the time, and can be used to track the user.