WebProNews

Tag: Fingerprinting

  • Apple Rejecting Apps that Use Fingerprinting SDKs

    Apple Rejecting Apps that Use Fingerprinting SDKs

    Apple has begun rejecting apps that use software development kits (SDKs) that engage in fingerprinting.

    Fingerprinting is a method of collecting data and tracking users, creating a unique device fingerprint that can be tracked across services. As part of iOS 14’s improved privacy, Apple is now rejecting app submissions that use SDKs known to engage in this behavior.

    According to AppleInsider, a number of developers have already been notified of rejections.

    “Our app just got rejected by Apple’s app reviewer, blaming the MMP SDK for building a fingerprint ID,” wrote Heetch‘s Aude Boscher, in an industry Slack channel. “I saw other people complaining … so it might soon come up for you as well!”

    Apple’s notification message clearly says what the problem is:

    Your app uses algorithmically converted device and usage data to create a unique identifier in order to track the user. The device information collected by your app may include some of the following: NSLocaleAlternateQuotationBeginDelimiterKey, NSTimeZone, NSLocaleGroupingSeparator, NSLocaleDecimalSeparator …

    Adjust makes one of the offending SDKs, used by some 50,000 apps. The company has released an update that removes the offending code, however, providing a path forward for the apps using it.

    While the change is no doubt inconvenient for developers, kudos to Apple for cracking down on one of the more insidious methods of tracking users.

  • Google Restricting Cookies In Chrome To Improve Privacy

    Google Restricting Cookies In Chrome To Improve Privacy

    The days of cookies may be coming to an end as Google announces its plans to phase out third-party cookies within two years.

    The first indications of Google’s plans came in August when the company announced a new initiative called Privacy Sandbox. The initiative was founded in an effort to keep publishers from abusing technologies to track users. Specifically, many web publishers have found ways to work around blanket efforts to block third-party cookies with even more invasive types of tracking, such as fingerprinting. As Google describes:

    “With fingerprinting, developers have found ways to use tiny bits of information that vary between users, such as what device they have or what fonts they have installed to generate a unique identifier which can then be used to match a user across websites. Unlike cookies, users cannot clear their fingerprint, and therefore cannot control how their information is collected.”

    With today’s announcement, Google is looking for a more nuanced approach, one that addresses the needs of advertisers to make money in a way that does not abuse privacy. The company has been receiving feedback from W3C forums and other standards participants, feedback that indicates it is on the right track. Bolstered by this feedback, Google has committed to a timeline for its plans.

    “Once these approaches have addressed the needs of users, publishers, and advertisers, and we have developed the tools to mitigate workarounds, we plan to phase out support for third-party cookies in Chrome. Our intention is to do this within two years.”

    Google also plans to address other privacy issues, such as cross-site tracking and fingerprinting. The company has been under increasing scrutiny for Chrome’s privacy, or lack thereof. In June 2019, The Washington Post went so far as to label the browser “spy software,” and blamed it on Google’s position as both a browser maker and the single biggest cookie generator on the web. Relying on the search giant to protect user privacy is akin to relying on the fox to guard the henhouse.

    Hopefully Privacy Sandbox and Google’s commitment to phase out third-party cookies are a step in the right direction.