How could I lose access to my app's bundle ID?

We're doing some disaster recovery management / risk management and a point-of-failure for our app is if we lose access to our bundle id.

From my understanding, secure keychain items are scoped to your bundle ID as well as iCloud files stored under the app with 'hidden' scope.

Losing our bundle ID is a scenario we want to eliminate completely from our threat/disaster modelling.

Is this a realistic concern we should have?

I’m not sure I understand your question. A bundle ID is a string. How can you lose access to a string?

Are you concerned about some attacker publishing an app with your bundle ID? If so, what platform are you targeting?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Apologies for the late reply @eskimo - missed this.

From my understanding, data stored in the 'hidden' iCloud file system and data stored in your on-device keychain are scoped to your bundle ID/App ID. If you publish the app under a different bundle id (e.g. com.acme.fintechapp1 vs com.acme.fintechapp2) then we will lose access to all the data scoped with that app.

As you may remember from our previous interaction, we're using expo-secure-store and iCloud's app file system (hidden from iCloud Web)

Couple of possible concerns here:

  1. We lose access to the bundle/app ID (e.g. com.acmecorp.fintechapp) that holds the scope for all these secure files/keychain items.
  2. An attacker hijacks the bundle ID somehow

Perhaps my understanding of bundle identifiers is incorrect. Would appreciate you pointing me to the right place to understand if there are any risks here.

How could I lose access to my app's bundle ID?
 
 
Q