1

I am looking for a way to ban iOS and Android devices from using my application on their devices.

by using IMEI or UUID or how can do it.

Snapchat blocked users' devices on iOS and Android how do they do it what is the methods they chose for?

YahYa
  • 407
  • 4
  • 9
  • You can use the DeviceCheck service - You can store a value on Apple's server if they are banned – Paulw11 Sep 06 '22 at 06:44

1 Answers1

1

Now we can not get UUID or IMEI of Android/iOS device, because System doesn't allow us.

In iOS, you can save data (key-value) in Keychain, which is persisted until you reset to factory setting for restore. So you can mostly use it as device's identifier.

Here is a simple and useful lib that help you to write/read something to/from Keychain of an iOS device.

Example:

let deviceId = UUID().uuidString
let keychain = Keychain(service: "com.example.github-token") // you can put whatever but I recommend to use your app's bundleId
keychain["device_id"] = deviceId // save it.


// In you API request function
let keychain = Keychain(service: "com.example.github-token") // same above
let deviceId = keychain["device_id"]


// Then submit this deviceId to BE then you can verify that if this device is on the whitelist or blacklist.
// If it is on blacklist, just return error to client.
Neklas
  • 504
  • 1
  • 9
  • Sorry this is old but i'm curious, so if you want to bypass an application ban you can just reset your device and use new credentials so long as they are not tied back to your original ones or? – caterpree Aug 22 '23 at 14:15
  • @caterpree yes, you are correct. We could read the device's IMEI or any physical ID. But now we can't. We will need another identity to do this task, like an ID number. – Neklas Aug 22 '23 at 17:13
  • wow that is interesting, I assume this is to help pre owned market - for example if someone was banned from snapchat/instagram then wanted to sell their mobile phone to get a new one it doesn't prevent them from doing this? Very interesting, I only just recently got interested in iOS/App dev so still learning. – caterpree Aug 22 '23 at 17:18
  • @caterpree yeah, it is the device ID, new device -> new device ID. Besides, we can use the user Apple ID identifier code to do this task but we will need to setup iCloud in capability. However, it may fail to get identifier code, if users don't turn on iCloud Drive. – Neklas Aug 23 '23 at 02:23
  • Cool to know, I guess it helps make sure phones are usable by others if they were identified as banned from a previous user instead of just making it so you can't use the app on that device ever again, thanks! – caterpree Aug 23 '23 at 09:02
  • @caterpree You are welcome! We will need to combine all possible methods to do this task. Because Apple has been watching how developers interact or deal with user privacy. – Neklas Aug 23 '23 at 09:44
  • Yes I like that Apple is taking more care with user privacy and not giving away details to developers on a whim. Sorry last question; this means that you can't ban a device permanently anymore from accessing your application? I do find that part strange but I guess it makes more sense to ban users as opposed to hardware/IP now. – caterpree Aug 23 '23 at 14:41
  • @caterpree You follow this to ban users using AppleId+CloudKit, which means we can band user's AppleId. https://stackoverflow.com/a/33952540/17286292 – Neklas Aug 23 '23 at 17:55