iOS 10.3 Beta 2 autodeletes keychain items after application uninstall?

App & System Services Core OS Beta iOS

Created Feb ’17

Replies 33

Boosts 0

Views 49k

Participants 22

In previous versions of iOS, the keychain data persisted even when the app was uninstalled and reinstalled on the device. After upgrading to iOS 10.3 beta 2, it appears as if deleting the app also deletes all associated keychain contents for that app. The code I'm using to interface with the keychain hasn't changed, and works with iOS 10.2. Is anyone else experiencing this behavior? I haven't had a chance to test this with 10.3 beta 1.

I've searched through related threads here:

https://forums.developer.apple.com/message/75464

https://forums.developer.apple.com/message/112523

The conclusion from the Apple staff member is that the persistence of the keychain data across apps re-installs is a side-effect of the implementation rather than a feature, and that the behavior should not be relied upon. Maybe they finally decided to update the implementation?

Answered by gc. in 213781022

This is an intentional change in iOS 10.3 to protect user privacy. Information that can identify a user should not be left on the device after the app that created it has been removed.

It has never been a part of the API contract that keychain items created by an app would survive when the app is removed. This has always been an implementation detail.

If a keychain item is shared with other apps, it won't be deleted until those other apps have been deleted as well.

There is documentation in the works about this change that should address questions raised in this thread.

--gc

Boost

shougayugokugoku OP

Mar ’17

Hello huin,

I also confirmed that this issue does not reproduce with iOS 10.3 beta 7.

>I hope this change will not include in public release.

I feel the same.

Smallmedium OP

Mar ’17

Like others, we found that keychain persitence after app removal is still ocurring on iOS 10.3 beta 7. As Apple typically provides more frequent beta updates approaching the GM and that appears to be occuring now does this mean that keychain persistence will still be possible on the final GM?

We're already working on an alternate solution to provide the features our users will need, but it will be good to be informed of Apple's plans since these changes are quite costly, and even if the change will be imminent but simply postponed then we could schedule our work accordingly. You also mentioned that some documentation was in the works, and I hope you might update this thread with that once it's available.

Thank you gc.!

ants OP

Mar ’17

kSecAttrAccessGroupToken – A workaround for the keychain autodelete behaviour found in iOS 10.3

Rozzle OP

Mar ’17

10.3 was released publicly today and it seems the behaviour experienced in the betas is not reflected in the public version. In my testing, keychain items continue to persist beyond app delete.

zhq OP

Mar ’17

Thanks for testing

huin OP

Mar ’17

Rozzle

Thans for your information.

shougayugokugoku OP

Mar ’17

Rozzle

Thanks for testing.

I also confirmed the same result.

gc. OP

Apr ’17

Hi Zevik,

This is a bug in the beta that should already be fixed by the time you read this.

kSecAttrAccessGroupToken is writable only by CryptoTokenKit smart card drivers. Apps can query the keychain using that attribute in order to find items stored on a particular smart card. This attribute is not for any other use.

--gc