Apple’s UDIDs – Rejected for App Developers?

March 29, 2012 by David Mahdi     No Comments

I recently read two interesting posts on this subject — one from GigaOM and another from Gartner’s Avivah Litan. Both posts talk about Apple’s recent rejections of apps using the UDID (unique identification number) on iPhones/iPads.

The lead issue here is likely related to privacy. As the GigaOM posting pointed out, the UDID can be used to provide app developers with tracking data, and ad networks with information to aid in building profiles. These profiles are used to help the ad networks better target individuals with relevant ads.

If Apple is, indeed, rejecting apps that utilize the UDID, then it will be interesting to see what alternatives arise. In the post, “Apple’s rejection of UDIDs will drive adoption of alternatives,” Litan points out that there will be alternatives that will step in. Furthermore, she mentions that it should not only include the UDID, but also other workarounds, especially if it is privacy at the heart of the issue.

One thing I find interesting from an authentication standpoint, UDIDs could be leveraged as another factor (e.g., in combination with a username/password and/or PIN etc.). But with so many app developers and ad networks utilizing the UDID, Apple likely needed to react to fend off privacy concerns. Oh, the interesting balance of technology, privacy and security!


Entrust senior product manager David Mahdi specializes in Entrust’s mobile and cloud security solutions. He is an experienced IT security professional with more than 10 years in IT security, software engineering and product management. David played a key role in shaping Entrust’s mobile strategy, which included mobile authentication, strong mobile identity, mobile device management and mobile devices in the national ID/ePassport space. David spends most of his time conducting research on the mobile and cloud market, as well as conducting seminars on IT security. Prior to Entrust, David was a product strategist at Sophos, where he led efforts to increase Sophos' presence in the gateway security space. He is a well-versed information security professional for PKI, SSL, mobile, cloud, NFC, PACS/LACS, gateway security (Web/Email), malware, encryption and network security.

Add to the Conversation