March 30, 2012
As most of you are aware, mobile apps accessing UDIDs (unique device identifier) without user notification are being rejected from the Apple App Store. Specifically, they are cited for violating provision 17.1 in the App Store Review Guidelines:
17.1 Apps cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and where the data will be used.
To adhere to this change in policy we recommend changing your iTunes Connect EULA (End User License Agreement). It should clearly state to users that the app passes UDIDs for advertising purposes and to obtain user consent before this information is passed. Below is a recommended example of updated language:
Installing this application grants (the developer) the right to send your device identifier to third parties for the use of advertising.
Because there is a lot of uncertainty in the industry, it is recommended to prepare that UDIDs will be not be permitted even with the EULA language updates. Due to this we will be launching an updated iOS SDK on April 2nd, which will pass an alternative anonymous device identifier, ODIN (Open Device Identification Number). Over the past 6 months, we have been leading the effort in developing ODIN, along with several industry leaders. ODIN will allow for the continued use of conversion tracking and frequency capping. For more information, go to www.odinmobile.org.
Why do advertisers need user device identifiers?
- Ad Relevancy. Advertisers and consumers both want ads to be as close to content as possible. Targeting ads, frequency capping to avoid ad saturation, and conversion tracking all involve being able to anonymously identify devices to deliver the most relevant ads. Targeted ads drive higher engagement and more revenue for developers.
- App Install Verification. When publishers act as the advertiser, they typically only pay when an ad actually results in an install. The ad providers can determine the anonymous device identifiers of the viewers of the ad and the developer has the anonymous device identifiers of the installers of their app. By matching these lists of identifiers, developers know how many installs were driven by the ad and thus how much to pay.
Aren’t there other ways to verify installs?
Anonymous device identification matching is the most popular and straightforward tactic for verifying installs. Eliminating this method without a clear alternative in place could affect developer earnings. We are actively working with our partners in the industry on alternatives that balance technological simplicity and consumer privacy.
What should I expect in the future?
We acknowledge that Apple could change the landscape again without much warning. Our goal is to ensure ODIN becomes a standardized solution for the industry. This is just the first step in creating a more secure and efficient solution. It’s best to remain flexible as policies and standards change. Know that we’re fully committed to working to solve this as a group. Stay tuned and we’ll keep you posted on changes!