应用本身已经上架了好几年,最近更新版本是被拒绝了,原因是苹果因为 APP 手机收集设备信息生成唯一 id 追踪用户。
“We found in our review that your app collects user and device information to create a unique identifier for the user's device. Apps that fingerprint the user's device in this way are in violation of the Apple Developer Program License Agreement and are not appropriate for the App Store.
Specifically, your app uses algorithmically converted device and usage data to create a unique identifier in order to track the user. The device information collected by your app may include some of the following: sysctl, serviceSubscriberCellularProviders, NSFileSystemSize, isoCountryCode, and NSProcessInfo.”
关于设备唯一 id,app 本身用了 CFUUIDCreate 来创建唯一 ID 存在 keychain 里(原因是业务要求同一个账号只能在限定设备数量登录,多了就要用手机验证),然后用到的不少第三方库也是有用到这个函数。 然后上面提及的函数,也是有不少 SDK 使用了(例如极光一键登录、阿里推送、百度统计啥的)。 所以先回复了苹果这些函数都是基于合理的需求使用而非生成设备唯一 id,然后收到回复
“We continue to find that your app collects user and device information to create a unique identifier for the user's device. Your app may be using some of the following API to create a unique identifier for the user's device: XX_FINGERPRINTING_METHODS_XX.”
根据提示,根据 FINGERPRINTING 关键词搜了所有 SDK 都没发现类似的。这时候就很尴尬了,不清楚苹果判断的标准是啥,也不知道哪些 SDK (闭源的)是有问题的。
有无相关经验的 V2 可以分享下如何处理?
PS:我遇到的情况跟这篇文章基本一致 https://www.ithome.com/0/543/769.htm
1
Select Language