Apologies for the late reply @eskimo - missed this. From my understanding, data stored in the 'hidden' iCloud file system and data stored in your on-device keychain are scoped to your bundle ID/App ID. If you publish the app under a different bundle id (e.g. com.acme.fintechapp1 vs com.acme.fintechapp2) then we will lose access to all the data scoped with that app. As you may remember from our previous interaction, we're using expo-secure-store and iCloud's app file system (hidden from iCloud Web) Couple of possible concerns here: We lose access to the bundle/app ID (e.g. com.acmecorp.fintechapp) that holds the scope for all these secure files/keychain items. An attacker hijacks the bundle ID somehow Perhaps my understanding of bundle identifiers is incorrect. Would appreciate you pointing me to the right place to understand if there are any risks here.