When iOS 17 comes out this fall, it adds a host of new features that will make your iPhone even better, like contact posters, standby, and live voicemail. But there is one more little-known change that will make your iPhone more secure. A new development requirement is introduced to ensure that apps use as few APIs that identify users as possible.
ⓒ Foundry
Reported by 9to5Mac, iOS 17 introduces a set of ‘required reason’ APIs, which must be predefined by the app before being accepted for distribution through the App Store. According to Apple, these APIs could potentially be misused to gain access to device signals to determine the identity of a device or user. API known as ‘fingerprinting’, specifically, active keyboard, disk space, file timestamp, system boot time, default user ( user defaults), etc. If developers want to use these APIs in their apps, they must provide compelling reasons for why they need to use them and what data they collect.
For example, an app that uses the file date API should make it clear why the app needs to display the file date to the person using the device. The same is true for accessing the date information of files within the app container or the date information of files and directories used by the user. If the reason presented does not match the requirements, the use of the API within the app may be restricted.
If you use the API legally, the app store review will be completed quickly even if new requirements are introduced. On the other hand, apps that inappropriately use APIs to collect user data may be rejected from app store distribution. Apple said the new requirement would take effect this fall.
[email protected]
