Hello I work for a big supermarket chain and we are adapting our information flow to support the new requirements for tracking. My question is if we have a web view that takes the user to a specific page on our website does that web view need to respect the tracking policy? No problem if we need to but I just want to be certain :D

Running 'tccutil reset microphone' gives the error message 'tccutil: Failed to reset microphone'. The same command worked in the past. Deleting the TCC.db files didn't help. In the console there is an error from the tccd daemon saying handle_TCCAccessResetInternal: Invalid Service Name: kTCCServicemicrophone(Service name is invalid on this platform) Any ideas?

Hello, In my app I am only tracking the user's location, and I have added NSLocationAlwaysAndWhenInUseUsageDescription, NSLocationAlwaysUsageDescription, NSLocationWhenInUseUsageDescription to info.plist Inside our app we collect email, phone number, name, We also collect customer's address. We DO NOT share any of this identifiable information with 3rd party applications AND we DO NOT have any advertisements inside the app. Our app was rejected and required the App Tracking Transparency. We went ahead and added NSUserTrackingUsageDescription which brings the "Privacy Tracking popup", we have customized the message string to be meaningful and specific to my app. Our app is still rejected, we are not sure why the App Tracking Transparency is required first of all, and secondly don't know why the app is rejected. Any help on this is greatly appreciated.

Does Passkeys in icloud keychain require website to support webauthn ? Also how is this different from the javascript based webauthn implementation ?

Greetings, We authenticate the player with GameCenter, then after we check for GKLocalPlayer.isAuthenticated == true. Finally we fetch the teamPlayerId but we are seeing "Unavailable Player Identification" returned. What is the cause of this value being returned? We are required to fetch this property in order to validate the GameCenter authorization via GKLocalPlayer.fetchItems. Thanks in advance!

I have a macOS app that captures screen images. The first time I run this application, a dialog is shown directing the user to give my app Screen Recording permission. Is there a way I can trigger this dialog earlier and detect whether the permission was granted?

Hi, I have the following scenarios in my app. I want to know whether I need to implement "App Tracking Transparency" or not. 1.My app collects app usage data (analytics data) and sends to 3rd party analytic server for understanding app flow/usage. This data is being used only by me & NOT by 3rd party. Collects crash details using Firebase crashlytics SDK and sends to firebase server and I check the crash logs to improve my app. In my view, I don't have to implement "App tracking transparency" because my app doesn't track user's activity across other company's apps and websites. In fact I track user's activity but not across other apps or websites. Can you please confirm ? If I implement "App tracking transparency" to inform the user that app tracks user activity, the system message comes as part of the "app tracking transparency" to the user will be giving wrong message as "across other company's apps and websites", which is not correct in my scenario. regards, Ajith

Someone can help me to understand why I'm receiving this issue "Rejection Binary": 5. 2.3 Legal: Intellectual Property - Audio/Video Downloading My APP there is no way to download any kind of file. The APP just consume an API and has a player button. I really don't know why I'm receiving this message. We are a radio broadcasting station in Brazil. And we are trying to put our station online through the app.

My application offers a private browsing mode, and in some cases a user may open a URL within the app. Ideally, I would respect the users intent for private browsing and launch Safari in a Private Browsing session. Is there an option to launch the browser in a private session programmatically?

Dear Developers, Our app is an FM radio app, we are requesting users to fill a registration form so that we can use that information to give a directional idea of which channel is being heard in which city of the country. IOS platform continues to reject our app, based on Privacy issues. Need your help to get this sorted

The WWDC 2021 CloudKit session talked about the new encryptedValues field on CKRecord. It also indicated that CKAssets have already been end-to-end encrypted in previous releases. The documentation indicates that for encrypted values such as these: CloudKit encrypts the fields’ values on-device before saving them to iCloud, and decrypts the values only after fetching them from the server. The encryption keys are available exclusively to the record’s owner and, if the user shares the record, that share’s participants. For a client that is accessing CloudKit via the HTTP interface, the documentation indicates that assets have a downloadURL property which can be used to fetch the asset. Does this URL download the already-decrypted asset? Or does it need to be encrypted after downloading? If the asset is already decrypted at the time it is downloaded, how can this work, since as I understand it the key should not even be available to Apple. If the asset is not decrypted at that point, is there documentation about how we need to decrypt it?

Our application uses Vendor ID (identifierForVendor) to determine and authorize a device. We found out that when you configure a new device using Quick Star, the identifierForVendor is duplicated for both devices. Anyone facing the same issue? Do you have a solution? Is a bug from Apple? Thanks in advance

It's currently possible to use a security key (ex. Yubikey 5 NFC) with an iPhone via NFC, but such functionality is seemingly not possible on any current versions of MacOS. Is support for NFC hardware authenticators (over an NFC-to-USB interface/device, such as the ACS ACR122U) planned for MacOS Monterey or any future release?

In the new version, we've decided to remove any kind of analytics (we were using Google Analytics/Firebase) from our app because it could be concerning for users to see the message that "Data Used to Track You". We've updated the privacy policy to clearly specify that we do not collect any personal information and we've updated the code and removed any references to any kind of 3rd party analytics. However, the only thing which we cannot get rid of is the "Data Used to Track You" thing in the App Store Connect. Any attempts to "Edit" this setting and specify " No, we do not collect data from this app" do not remove "Data Used to Track You" in the App Store Connect status. We've tried to communicate this problem to review team who rejected the build but they didn't provide us with any useful information and suggested to write to this forum.

We have a network copy utility which reads from an external volume (specifically camera media). We'd like to grant it external volume access at installation time, preferably without having to find and insert media. But triggering an 'external volumes' dialog (and hence adding an entry to Security / Files and Folders) seems to require accessing an actual external volume. In contrast Full Disk Access can be granted preemptively, but it's a huge security hazard - it would give the copy utility unrestricted access to the entire machine. Is it possible to grant 'external volume' access when you don't (yet) have an external volume connected ?

Hello, I require com.apple.developer.networking.multicast premission for my app as third party sdk required that. For that i follow this link, https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_networking_multicast but Request page in not exist now. So how can i get this permission? Thanks,

Hello guys, Me and my team are developing an application which uses some data from an API and we need to verify that we can recognize a single user ID of the iOS phone to establish a univocal trust relation to share keys that would help us encrypt the communications. I tried some pieces on code that I found on internet, but I do not know if this is enough. print("ID Vendor...\(String(describing: uiDevice.identifierForVendor))") print("iCloud token...\(String(describing: FileManager.default.ubiquityIdentityToken?.description))") And also I was trying to work with DeviceCheck framework and to get that token. print("Generate token")                 DCDevice.current.generateToken {                 (data, error) in                 guard let data = data else {                     return                 }                 let token = data.base64EncodedString()                     print("Token...\(token)") What I want to do is to verify the user identity something like the Apple ID or some personal data, not the device information. Is there a way of retrieving some personal data from the owner of the iPhone that I can use to check if he is who said that it is? Thank you so much! Have a good day!

Hi! Can a website be notified that a user using safari web browser in iOS took a screenshot of the website displayed? Thanks!

I am trying to read history of below browsers in Mac through daemon. Safari (History.db) Google Chrome (History) Firefox (places.sqlite) Since the original History.db files are locked, i am copying it to another location so i can read from copied one. However i get below error, **“History.db” couldn’t be copied because you don’t have permission to access" Error Domain=NSCocoaErrorDomain Code=512** Any help is much appreciated.