Clone Device Detection


In our mobile app we are using a UUID as a device identifier. With this ID we are using certain functions like primary device and secondary devices.
The primary device has more control over the app than a secondary device.
In our case the user is getting a new iPhone and the app's related data is moved to the new device from the old device using the clone option.

While moving, the keychain data is also moved, which is causing the new device to also have the same UUID, and the customers are using both devices in some cases.

So both devices are considered as primary in our app.
Is there any way to identify that the device is cloned?

Need suggestions.

Answered by DTS Engineer in 869226022

Let’s start with terminology. When talking about phones, clone doesn’t mean what you think it means (-: [1] The correct name for the mechanism that allows a user to easily migrate to a new iPhone is Quick Start. Apple Support has an article that explains the user side of this: Use Quick Start to transfer data to a new iPhone or iPad.

If you store information in the keychain then, yes, it’ll be migrated during the Quick Start process. There’s no specific API to prevent that [2]. One thing you can do is sign some data with a key that’s protected by the SE. Such a key will only work with that specific SE.

However, there’s a caveat here. When you protect a key with the SE it’s bound not just to that SE but to that instance of the SE. Imagine the user does something like this:

  1. Sets up your app.
  2. Backs up their device.
  3. Erases it.
  4. Restores from the backup.

Step 3 generates a new instance of the SE and it won’t be able to use the key you created in step 1. You’ll need some strategy to recover from that case.


Finally, one further caution: I suspect that your system is relying on the fact that, when the user deletes your app from their device, your UUID keychain item is preserved. While that’s currently true, it’s not considered part of the API contract. I talk about this more in this post.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] Search the ’net for “iphone cloning” and you’ll understand what I mean here.

[2] You might think that the ThisDeviceOnly constants would help, but those are less strict than the name might imply. I’ve never got around to testing the Quick Start side of this, but I’ve some info about the other cases in this post.
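
Added example (not part of the answer above, and not Apple sample code): one way to apply the SE-bound signing idea with CryptoKit. The function names, the server-issued challenge and the server-side public key registration are assumptions made for illustration.

```swift
import CryptoKit
import Foundation

// Hypothetical result type for this example.
enum BindingState {
    case sameSecureEnclave(signature: Data)
    case differentOrReset
    case unsupported
}

// Run once on the device that becomes primary. Store `keyBlob` beside the UUID
// (it may migrate with the keychain; that is fine) and register `publicKey`
// with your server (assumed flow).
func enroll() throws -> (keyBlob: Data, publicKey: Data) {
    let key = try SecureEnclave.P256.Signing.PrivateKey()
    // dataRepresentation is an opaque blob usable only by the SE instance that created it.
    return (key.dataRepresentation, key.publicKey.x963Representation)
}

// Run at launch or sign-in with a fresh challenge from the server.
func proveBinding(keyBlob: Data, challenge: Data) -> BindingState {
    guard SecureEnclave.isAvailable else { return .unsupported }
    do {
        let key = try SecureEnclave.P256.Signing.PrivateKey(dataRepresentation: keyBlob)
        let signature = try key.signature(for: challenge)
        return .sameSecureEnclave(signature: signature.derRepresentation)
    } catch {
        // The blob reached another device, or this device was erased and restored
        // (new SE instance). Both cases look the same here, so the app has to
        // re-enroll and let the server decide which device stays primary.
        return .differentOrReset
    }
}

// Server-side check, written in Swift only to keep the example in one language.
func verify(publicKey: Data, challenge: Data, signature: Data) -> Bool {
    guard let pub = try? P256.Signing.PublicKey(x963Representation: publicKey),
          let sig = try? P256.Signing.ECDSASignature(derRepresentation: signature)
    else { return false }
    return pub.isValidSignature(sig, for: challenge)
}
```

The Secure Enclave is not available in the Simulator, so `proveBinding` returns `.unsupported` there; test on hardware.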
