When iOS 17 arrives this fall, it’ll carry a slew of options that make our iPhones higher, together with Contact Posters, Standby, and Dwell Voicemail. However there’s one you won’t discover that may make your iPhone safer: a brand new developer requirement that seeks to chop down on apps that use APIs to trace customers by “fingerprinting” them.
As noticed by 9to5Mac, iOS 17 introduces a set of “required purpose” APIs that must be outlined earlier than an app might be authorized for distribution within the App Retailer. Apple says these APIs “have the potential of being misused to entry machine indicators to attempt to establish the machine or person, also referred to as fingerprinting.” Builders utilizing one of many 5 required purpose APIs–energetic keyboard, disk house, file timestamp, system boot time, and person defaults–should declare a number of authorized causes for utilizing every of the APIs and the info they acquire.
For instance, an app utilizing the file timestamp API should declare why the app must show file timestamps to the particular person utilizing the machine, entry the timestamps of recordsdata contained in the app container, or entry the timestamps of recordsdata or directories that the person particularly granted entry to. If these causes should not met, the developer will be unable to make use of the API of their app.
For builders that legitimately use these APIs, the additional steps must be fast. Nevertheless, the rule change may result in submission rejections for apps that improperly use APIs to gather person knowledge. Apple says the brand new rules will go into impact in fall 2023.
