Assume a user has two iOS devices that support Passbook and that the user has both registered on the same iCloud account, and has Passbook toggled on for synching with iCloud.
If a user downloads an updateable pass (e.g. has webservice URL) through an app (via link) and installs the pass on device A, will device B go through the motions of registering the Passbook pass using the registration service/get serial number/get updated pass? E.g. from a different POV, must the server assume that the user can synch their updateable pass across different devices, and must it support multiple registrations of the same pass across different devices?
Background:
Our business wants to use passbook, and we naively thought we could use the device lib identifier to distinguish a device. Turns out that within a single update (manual or automatic update) the same pass (e.g. passTypeID+serial combo) can change device library identifer as part of their call to the registration REST service. So we thought we could at least handle this by always updating the most current registration entry with new details so we would at most have one registration.
This breaks if two or more devices can be synched and both automatically go through their own registration processes. Only one of the devices would have it's pass registered correctly, and it would be difficult to predict which device has a correctly registered pass. If this doesn't happen, we can hobble along with our current solution.
We have implemented a Passbook Plaform, and we support multiple devices for each Coupon, here is my example with my Mac, iPhone 5 and iPod.
I download the coupon from the Mac from the URL eg: https://passqlub.com:8443/passGen/Pass.seam?passId=71
Then I have the preview of the coupon and then I click to "Add to Passbook"
Like in 5-10 mins, the iCloud of both devices (iPhone and iPod) sync the coupon in both device. As soon as the coupon is downloaded to the Device, it get registered with to records (same serial, same PassType, but two deviceId and tokens)
If the platform want to send an update, it must get the serial and passtype and iterate over the devices and send the push notifications.
Hope it helps to clarify the sync of passbook on multiple devices.
You are correct in that it is not possible to use the device identifier to distinguish a user or a device. There are two reasons for this, firstly if a user has multiple devices and an iCloud account then the pass will automatically sync across all devices, and all devices will register with a unique device identifier.
Secondly, for security purposes, devices rotate their identifiers and tokens. When this occurs, the device re-registers with a new device identifier. Annoyingly, it does not deregister the old identifier. The only way you discover that a device identifier is stale is via the APNS feedback service. So if you are not regularly pushing updates to the pass, or you are not frequently checking the APNS feedback service, you will continue to accumulate device identifier records, when in reality the number of devices has not increased.
The only reliable way to uniquely target a pass is via a combination of serialNumber, authorizationToken and passTypeIdentifier. These three (or a combination of passTypeIdentifier and either of the other two), can act as a reliable primary key.
You might perhaps want to reconsider your schema and logic for targeting records. Apple's sample Passbook Server code contains a simple but effective SQLite schema for pass records and device records. In this example, device records are indexed by a concatenation of device identifier and serial number.
In any event, you should be considering your pass records independent to your device records. When you wish to update a pass, update the pass record, then identify the devices on which the pass is installed, retrieve their device tokens and send to the APNS server. When each device calls in to retrieve the update, you can always identify the pass record using a combination of serialNumber, authorizationToken and passTypeIdentifier.
Related
I want to get some unique identifier to allow specific devices to accessing my API, but looking on internet there's no way to get it and it's against Apple Policy,
But I need to get one of unique ID (e.g IMEI, UDID, ICCID, MEID, ETC)
looking on react-native-device-info, it just have getUniqueID() that can changed
This is IDFV on iOS so it will change if all apps from the current apps vendor have been previously uninstalled.
How can I get a unique ID ios devices?
FYI: My app won't be release into AppStore
There are major privacy concerns when getting a unique ID from a device. You have a few options.
First, you could just add some form of authentication or login system. This could be per device, per user, or even 1 login for the entire API. You could also limit the API to only respond to certain controlled IP addresses.
Second, you could add a flag and have a different version for production then in development. Limiting access that way.
Third, on first launch of your app you could request a new token from your server. The device would then store that token and the server would as well (to ensure no duplicates). Then just take that stored token and send it to the server for every request.
But on the device level there are privacy concerns in unique IDs for each device. You have to build your own system to handle it depending on your needs.
I would suggest that the IDFV was designed to suit your needs, while maintaining some level of privacy.
It is supposed to allow you (a vendor) to identify a return visit while not allowing you (a vendor) to share a user's identity with a third party in a relatable way for the third party to data-mine.
If users are routinely uninstalling and re-installing all of your apps I would look at solving the distribution issue you have there. I would assume (although haven't tested) that an update of an existing app would maintain the IDFV.
I have an iOS application in which i am using Facebook login, and after that phone verification is done which lets the user continue with the app. I ask for phone verification only once when user is being registered.
I wanted to ask if there is any way i can stop users from using the app on two devices? because application records user's footprints(location) and current location, if users use the app on two devices, locations updates will be made by both devices and there won't be any way to tell which location belongs to the user?
Can i use UUID or some other identifier?
You are not allowed to use the UUID. But you can generate a vendor id. But you will need to check if the user already uses on device on some kind of server and let the App ask if it is allowed to run.
But keep in mind that Apple doesn't like such things.
Well, I had to do a similar thing once. The app used to have in app purchase of number of device it can run for a single user. What I did was:
I used to take the UUID of the device while signing in to my app and send it to server.
In my server side database could store the UUID against a user. Whenever a user tries to sign in I used send the UUID with the sign in request.
If the UUID was present then I return success response otherwise I used to check the number of device allowed for this user. If adding this device exceeds the limit then I used to send failure response. Otherwise used to insert the UUID against that user and return a success response.
Suppose if a user deletes the app from a device and want to login from another device. Then display a popup like "Do you want to change the device?" If he/she say Yes then I used to update the UUID and allow him/her to use the app in this device. And every time the app starts (new launch or from background) I used to check the UUID against server's UUID.
You can design your own system but using device UUID gives some extra benefit. like you don't need to store the UUID anywhere and you can rely on its uniqueness.
I remember, the device token never changes upon re-installing for iPhone.
However these days (especially on iOS 9), I noticed that device token is changing if I re-install the app.
Is this setting is done by Apple or I am missing anything?
I have to know this because this is very important for me as I am sending push based for specific users to inform their updates.
Also for no reason there are un-wanted many device tokens.
Note
I am calling below webservice in App Delegate
- (void)application:(UIApplication*)application didRegisterForRemoteNotificationsWithDeviceToken:(NSData*)deviceToken
{
// sending it to online database for my record
}
Yes on iOS9 Apple says that Device Token might change each time your app is installed. So the best way is to reregister the Device token on each launch.
Here is a link to Apples documentation about changing device token
You need to find your own way to track user. Here is issues with your approach and suggested vendor identifier:
Device push token can change at any moment. You can track this change during application launch and ask server to switch tokens, but messages which will be send till this moment on old token will be lost.
identifierForVendor - also very unreliable source of unique identifier, because it will change in a lot of cases.
The value in this property remains the same while the app (or another app from the same vendor) is installed on the iOS device. The value changes when the user deletes all of that vendor’s apps from the device and subsequently reinstalls one or more of them. The value can also change when installing test builds using Xcode or when installing an app on a device using ad-hoc distribution. Therefore, if your app stores the value of this property anywhere, you should gracefully handle situations where the identifier changes.
For single device you can use Keychain as source of persistent identifier storage. You can generate for user new unique identifier (for example with NSUUID) and store it in Keychain (if not exist yet). If access group will be configured for stored item and reused with all your application - you will have access to stored unique identifier from your applications on user device. If properly configured, item in Keychain will be stored in encrypted user device backups and even will be restored on his new device.
Yes, it might be changed when each time app is installed. you need to update the device_token on every launch of app.
rtfm:
"The value of this property is the same for apps that come from the same vendor running on the same device. A different value is returned for apps on the same device that come from different vendors, and for apps on different devices regardless of vendor."
https://developer.apple.com/library/ios/documentation/UIKit/Reference/UIDevice_Class/#//apple_ref/occ/instp/UIDevice/identifierForVendor
My iOS app is currently on beta in TestFlight, and as a way to retribute to the nice people who helped me test it I would like to offer them some goodies such as, for instance, the full final version of the app for free.
For this, I was thinking of sending them a last beta version which would, automatically and upon execution, store some kind of ID from the logged in user into a VIP list I would keep online and then every next version of the app would check for their ID in order to verify if the user is a VIP user and unlock all the premium features.
Is it possible to obtain in the Cocoa apis a unique identifier that is associated to the user (as opposed to the device unique identifier)? I want this because I want to recognise the user in whatever device he installs it. I would like to avoid having to make my beta testers manually register as VIPs.
Thanks!
Yes, this is possible using CloudKit. You'll need a CKContainer, and you'll ask it to fetch the user record ID. That record ID is unique for your apps, but is also stable for that user this means the same iCloud account will have the same record ID, regardless of which device they're running on or which of your apps they're using.
If you turn on the CloudKit capability for your project, Xcode will automatically create the iCloud container for you, and you can then access it using one of the two CKContainer constructors.
I want to get the device token of the device and want to send it to a server.Sometimes if I uninstall the app and install it again,Then the new device token which I got is different than previous.So,In my server there are two device tokens which are belong to same device.Can we avoid that?(In my service,I want to keep only one device token per one device)
Thank you.
If you doing this for push notification, you can use the feedback service from apple to detect if a device is deleted.
You can store a generated UUID and store it in the keychain like this. If you set it up right, it will persist between app deletes and reinstalls on the same device, but not across multiple devices via a restore from backup (unless you want that).