For users who often use AppCake, whenever we open AppCake for the first time, we will always prompt for “Verify”:
And when the apps that downloaded from PandahelperApp often prompt this alert info:
Then it will guide you to install an mobileconfig file on safari browser,
this is actually they are collecting your device’s UDID!
So, why do they like to do this?
UDID is the serial number of 40 strings composed of letters and numbers, which is used to distinguish each unique IOS device, including iPhones, iPads, and iPod touch. These codes look random, but they are actually related to the characteristics of hardware devices. In addition, you can click iTunes to find the serial number. In a word: UDID is the ID card of your device, similar to your personal ID card!
2.What is UDID for?
UDID can associate other kinds of data to related devices. For example, by connecting to the developer account, you can allow the device to install or test the application before release, or you can let the developer get the IOS beta experience.
Apple uses UDID to connect to Apple’s ID. these devices can automatically download and install apps purchased from the app store, save music purchased from iTunes, help Apple send push notifications, instant messages.
In the early days of IOS applications, UDID was used by application developers and Internet advertisers to collect user data, which can be used to associate addresses and record application usage habits In order to push accurate advertising.
3.Why does Apple refuse developers to use UDID?
Many developers associate a UDID with a user’s real name, password, address, and other data; Web snoops will collect these data from multiple applications, and then follow the lead to get a lot of privacy data about the user. In October 2010, the deputy director of information security and network at Bucknell University said that most applications are indeed frequently transmitting UDID and private information.
In order to avoid class action litigation, apple finally decided to abolish this practice when IOS 5 was released. Developers were guided to generate a unique identifier, which could only detect applications, and other information was not provided.
In addition, as far as we know, developers can use the udids they collect for other purposes, such as simulating the brush, advertising click, and other real user behaviors to cheat Apple or other online advertisers’ advertising revenue.
We don’t know what are the specific purpose of collecting udids for AppCake and PandahelperApp? Even if you declare that the udids collected will never be disclosed, but even if, as you said, UDID belongs to our privacy data, will you tolerate your personal ID number being randomly collected and used?
So would you like to continue using these two platforms?