10

As we know Apple is deprecating developers' access to UDID. But to my knowledge it is possible to get an iDevice's MAC address. So what's the difference then? Both MAC address and UDID are unique identifier of a hardware, which is not app specific.

Xavier_Ex
  • 8,432
  • 11
  • 39
  • 55
  • What are you asking, and how does it relate to developing software? You're right: UDID is deprecated, MAC address is a possible substitute. – Caleb Mar 16 '12 at 20:18
  • @Caleb Thanks for your reply. So basically we have to figure out a substitute of UDID to use in the future and have all other things based on UDID changed to that. I don't see the reason why Apple would deprecate UDID, making developer's life more complicated. It seems removing this feature doesn't provide any advantage, as there is MAC which serve the same. So I'm wondering if there's something that I missed. – Xavier_Ex Mar 16 '12 at 20:23
  • 1
    Use the advertising identifier. All these numbers belong to you except for the hardware identifiers. Attempt no landings there. – james woodyatt Mar 23 '13 at 05:04

2 Answers2

9

Some obvious differences between UDID's and MAC addresses:

  • It's conceivable that a device might have more than one MAC address.

  • Guaranteeing uniqueness for MAC addresses isn't Apple's responsibility.

  • UDID's and MAC differ in size and format.

I think it's best to consider the deprecation of the UDID as Apple's way of encouraging developers to switch to other means of identification. For example, keep track of the user rather than the device by setting up a userid/password system. Tracking the UDID brings some problems, like what to do if the user loses or sells his or her device.

Caleb
  • 124,013
  • 19
  • 183
  • 272
  • 1
    Thanks for your answer. I originally thought (and read about) they deprecated it just for privacy and security reasons which can also be exploited by MAC. Reading your answer makes more sense to me. – Xavier_Ex Mar 16 '12 at 20:46
  • @Xavier_Ex If the UDID is considered a privacy/security risk, or even just a PR risk, Apple's in a position to do something about it. Getting rid of the MAC address isn't so easy. So perhaps they're just doing what they can. – Caleb Mar 16 '12 at 22:56
4

Apple did in fact, deprecate UDID due to third party companies which exist for the purpose of aggregating (as in paying for) data from app developers to sell ads.

See tracking cookies, same concept. So while technically sound, and a huge convenience for developers who dont want to require a user name and password to their applications, due to third party tracking companies this ends up being disastrous for user privacy.

Apple now supports a UUID (universally unique ID) which can be genned from the SDK, which will uniquely identify that user to the application itself but not across applications.

This sandboxes the ID, doesnt require the developer to resort to hacks like MAC address, and protects the user from third party tracking schemes.

If you dont use UUID, expect Apple to reject your app. Even if you use Mac address you will not necessaliry escape detection since there is almost no reason an app would require such information to operate.

bobx
  • 41
  • 1
  • But now there is something called OpenUDID and many other alternatives that do identify the device across apps... These IDs are mostly used by 3rd party ads and analytic companies. If Apple do rejects these, does it mean Apple is as well killing the companies that do mobile analytic like Kontagent, InMobi and so on? – Xavier_Ex Jun 05 '12 at 16:56