Non-public API usage (Apple Rejection)

[emrosenf]

"Apps are not permitted to access the UDID and must not use the uniqueIdentifier method of UIDevice"

The rejection was ~5 mins after I submitted a binary. The issue is the second half of CBValidatePurchaseInfoMatchesReceiptForDevice

[markrickert]

How is it that we're still having these issues when we've not been allowed to use the UDID for almost a year now?

[lxcid]

Hi @emrosenf,

Thanks for informing about the rejection. I made the changes to the method, removing the codes causing the problem.

Since going forward, we aren't allowed to access UUID and purchases made using iOS 6 and above will be using UUID for vendor (So it will no longer generates UUID in the receipt), a total removal of that part of code seems like a good path to take. Especially since iOS 7 is around the corner.

[lxcid]

Hi @markrickert,

I have been pondering whether to remove this part of the codes as

• It is a code snippet taken from Apple's IAP Receipt Validation Solution.
• It have security benefit guarding against receipts generated with iOS 5 and below.
• It doesn't access UUID if the device is iOS 6 and above.

I understand we could have remove it earlier, no idea why I was hoping otherwise. Sorry about that.

[emrosenf]

Thanks for the patch @lxcid. I agree that the code must be removed, even though it is still valid for receipts generated with iOS 5 and below. The reason is that regardless of the value, Apple will not approve new apps containing the code.