In 2020, the Apple App Store official has repeatedly mentioned relevant announcements about user privacy policies. IDFA closed, SKAdNetwork and the new user tracking program, these topics have been hotly discussed again and again. And yesterday, a batch of Chinese app developer accounts have successively received warning emails from Apple. The content is roughly "We found that your application collects user and device information and creates a unique identifier for the user's device." Apple said, To solve this problem, it is necessary to delete all functions that use algorithms to convert devices and usage data to create unique identifiers for user devices in the application. And the app must be updated within 14 days, otherwise the app will be deleted from the App Store.
Why are developers warned by Apple?
At WWDC last year, Apple announced the launch of a new application tracking transparency privacy function (App Tracking Transparency, referred to as ATT), and it is clear that it will be implemented this spring. A few days ago, Apple said that starting from the upcoming official version of iOS 14.5, it plans to require developers to obtain clear user permission before accessing the iPhone’s advertising recognizer or IDFA. The adjustment of IDFA will affect developers, promoters and advertisers.
In response to this, domestic developers have begun to seek solutions. According to industry sources, some large domestic Internet technology companies are testing new solutions, and some Internet companies have also begun to use the new CAID (China Advertising Association Internet Advertising Identity) program to avoid Apple's privacy management policy restrictions. In addition, there are many third-party advertising platforms that have launched alternatives one after another.
Through the tests of the ASOWorld technical team and the feedback cases of developers, it is found that the main reason why some developers receive emails is that they use the SDK version of CAID and other platform statistical SDK access methods to collect user information.
How should developers respond?
It is not difficult to find that Apple has realized that some developers have begun to try to bypass the ATT workaround. Jackie Singh, a former senior cyber security officer, also said that these warnings show that Apple has the ability to use automated tools to detect violations of its privacy guidelines.
Based on Apple’s warning about the new privacy coup, the ASOWorld technical team has summarized several suggestions for developers’ reference:
1. [Issues about the CAID of the China Broadcasting Association SDK version and the statistics SDK of other platforms].
At present, the use of the CAID of the China Association for Public Affairs SDK version has been warned or rejected by Apple. It is recommended to connect with caution, and consider using it after observing the follow-up situation. If you have access to the statistics SDK of other platforms, it is recommended to communicate with the platform to confirm whether there is such a generation plan. If there is any, consider deleting this version of the SDK or ask the platform if there is an SDK version that does not use this solution. In addition, with regard to the CAID of the API version of the China Broadcasting Association, although no developers have received warnings from the developers using this solution, this solution still has certain risks, and it is necessary to carefully consider whether to connect to the test.
If you receive a 5.1.2 warning email, it is recommended that the developer delete the SDK and upload it again in time to avoid being taken off the shelf more than 14 days;
The editor summarizes the current advantages and disadvantages of CAID, interested partners can refer to:
Guangxie CAID advantages:
1) It does not rely on IDFA to perform attribution and user behavior tracking on devices;
The user of the current version is insensitive and does not require user authorization to allow access;
Participated by the China Broadcasting Association and major media companies and institutions. It is authoritative and will use the same algorithm as the accessed media and products;
The ID is generated centrally, and the ID generated by the latest version of the algorithm can be received in time.
Disadvantages of CAID:
It is impossible to make coincidence judgments for multiple CAIDs of a single device;
There are charges, which need to be paid according to the frequency of calls;
The initial access is more complicated, and the CAID needs to be cached;
It is not possible to use CAID alone to determine whether a user is new or recalled.
2. [About Apple's official SKAdNetwork solution]
This solution has no development cost, and it is recommended that developers access it simultaneously. Although SKAdNetwork currently has drawbacks in tracking and settlement of some advertising data due to callback mechanisms and delays, the recently launched SKAdNetwork 2.2 version adds support for browser-based ads, which means that it can record users in the App. Store browsing and subsequent download behaviors, for example, the behavior of users going to the App Store to search and download after browsing advertisements can also be tracked. In addition, the proportion of new and old users can also be analyzed through callback data.
The advantages and disadvantages of SKAdNetwork, interested friends can refer to:
Advantages of SKAdNetwork solution:
Officially provided by Apple, statistics can be achieved without user authorization;
At the advertiser level, the access within the App is simple, one line of code;
Apple verifies the validity of the user's installation from the Apple ID level / repeated installation;
Disadvantages of SKAdNetwork solution:
Does not support device-level data tracking, with fewer data dimensions;
The data is not real-time, there is a delay of 0-24 hours;
SKAdNetwork 2.0 only supports iOS 14. Some functions of SKAdNetwork 2.1 and 2.2 only support iOS 14.5;
The callback data is called back to the advertising platform, and advertisers cannot obtain the direct callback data.
It is reported that whether the CAID solution violates Apple's privacy management policy has not yet been clarified, and the China Association is also actively communicating with Apple. If it is negotiated that the solution is available, CAID may continue to be implemented. Will continue to observe whether the use of CAID and other similar alternatives will cause further investigation by Apple.
At this stage, it is recommended that you pay attention to the information in your Apple developer mailbox in time. If you receive a warning, you must respond positively to prevent the App from being removed. In addition, it is necessary to pay attention to the news and program changes of CAID and other platforms in a timely manner. The ASOWorld technical team will continue to pay attention to this issue and keep up with everyone's latest developments.