Latest reply on Jun 9, 2015 3:36 PM by rtrouton

Apple views privacy as a human right

App developers - be mindful of privacy

Keeping the app ecosystem as a trusted place is important.

Architecting for privacy

• Data retention
• Data privacy
• Data storage
• Identifiers

Data Retention

• Have a retention policy
• Delete data when it no longer serves a user need
• Collect the minimum data necessary
• Balance storage of data against the risk of compromise

Data Minimization Techniques

• Anonymize
• Aggregate
• Sample
• De-resolve
• Decay
• Minimize

What's the use of the data? What decisions are the collected data driving? If you can't come up with an answer, don't collect it. Minimize.

Data transfer

• Encrypt data in transit
• Keep sensitive data on the device, do not transmit
• Process sensitive data on-device

A good example of sensitive data - health data for a workout app. Process it on the device.

On Device

- Data protection
- Keychain - store your secrets inside a keychain's encrypted storage

Server side

- Encrypt data at rest
- CloudKit

Transparency

Be clear about what data is being collected

- Give users the ability to inspect data

Explain how it will be used

- Purpose strings
- Privacy policy

Give users control

- Limit ad tracking

Updates

- iOS
- OS X
- watchOS

iOS

MAC Address Randomization - introduced in iOS 8, expanded in iOS 9

App Detection

- The apps which a user has installed are their business
- Trying to detect which apps are installed is contrary to the iOS security model
- Whether your app is installed is not another app's business

canOpenURL

Purpose is to determine whether an app can open a certain URL type

Apps linked before iOS 9 are limited to 50 distinct schemes

sysctl retrieves system info for processes with appropriate privileges

In iOS 9, sysctl will be further restricted from checking certain kern flags (check session video for details).

OS X Cookie policy

In OS X Yosemite and earlier, cookies are shared among all applications and are kept in sync.

In OS X El Capitan, cookies are *not* shared. Current Mac App Store apps should already be in compliance for this change.

Privacy in reporting

• Report insights not data
• Report aggregates
• Require thresholds

De-anonymizing your users is bad. Don't do it.

Prompting well

When prompting for something, fully inform your users why you need this data and ask them to allow it. Concise, clear explanations.

App Transport Security in iOS

• Secure connections (TLSv1.2 with forward secrecy) by default
• List the specific domains with insufficient security in your app's Info.plist. Otherwise, connections to those domains will fail.

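An added example (not from the session or the post) of the Info.plist fragment described above: ATS stays on for every host, and only the named hosts get a scoped exception. The domain names are hypothetical placeholders; the keys are Apple's ATS Info.plist keys.

```xml
<!-- Info.plist fragment under the app's top-level dict.
     Keep ATS on app-wide; relax it only for hosts that cannot be fixed yet. -->
<key>NSAppTransportSecurity</key>
<dict>
    <!-- Weak setting, deliberately absent: NSAllowsArbitraryLoads = true
         would switch ATS off for every connection the app makes. -->
    <key>NSExceptionDomains</key>
    <dict>
        <!-- Placeholder host that still serves plain HTTP -->
        <key>legacy-api.example.com</key>
        <dict>
            <!-- Cover hosts such as v1.legacy-api.example.com too -->
            <key>NSIncludesSubdomains</key>
            <true/>
            <!-- Permit http:// for this host only; all others still need TLSv1.2 -->
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
        </dict>
        <!-- Placeholder host that has TLS, but only an older version and no PFS suites -->
        <key>old-tls.example.com</key>
        <dict>
            <key>NSExceptionMinimumTLSVersion</key>
            <string>TLSv1.0</string>
            <key>NSExceptionRequiresForwardSecrecy</key>
            <false/>
        </dict>
    </dict>
</dict>
```

Each exception is a reviewable, per-host decision that can be removed once that server is upgraded, which a global NSAllowsArbitraryLoads never is.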
CoreSpotlight in iOS

Protect your data in Spotlight

When a user adds something to your app, add it to Spotlight for search. When they delete it, remove that data from Spotlight automatically and don't leave that data sitting in Spotlight.

Leverage existing technology

• TouchID
• Apple Pay
• iOS encryption

Privacy policy

Required for some apps, for example those that use HealthKit or do purchasing.

Data protection on iOS

Uses hardware encryption to protect user data on iOS and watchOS

Per-file encryption