苹果拒绝了应用程序,因为它未经用户许可就传输了MAC地址 [英] Apple rejected app because it's transmitting MAC Address without user permission
问题描述
我们有一个最近开发的应用程序,被苹果拒绝了.这是他们的解释:
We had a recently developed app rejected by Apple. Here is their explanation:
我们发现您的应用未获得用户的同意,然后才收集 用户的个人数据,符合《 App Store审查指南》的要求.
We found your app does not obtain user consent before collecting the user's personal data, as required by theApp Store Review Guidelines.
具体来说,您的应用程序发送设备的MAC地址时不会 用户的许可.您的应用还会发送设备联系信息 未经用户许可.
Specifically, your applications sends the device's MAC address without the user's permission. Your app also sends device Contact information without the user's permission.
要通过您的应用收集个人数据,您必须向 用户,他们的个人数据将被上传到您的服务器,而您 在上传数据之前,必须先征得用户的同意.
To collect personal data with your app, you must make it clear to the user that their personal data will be uploaded to your server and you must obtain the user's consent before the data is uploaded.
iOS 6包括新的密钥,用于指定应用程序访问的原因 用户的受保护数据.显示访问提示时, 这些对话框中指定的用途将显示在该对话框中.如果 您的应用程序将传输受保护的用户数据,使用情况 您的访问请求中的字符串应明确告知用户 如果他们同意,他们的数据将上传到您的服务器.
iOS 6 includes new keys for specifying the reason the app will access the user's protected data. When the access prompt is displayed, the purpose specified in these keys is displayed in that dialog box. If your application will be transmitting protected user data, the usage string in your access request should clearly inform the user that their data will be uploaded to your server if they consent.
有关这些键的更多信息,请参见信息 属性列表键参考.
For more information on these keys, please see the Information Property List Key Reference.
我们正在使用RubyMotion工具链,并且未在应用程序中的任何位置访问MAC地址.我们认为它可能是我们正在使用的SDK或gems之一.
We are using the RubyMotion toolchain, and not accessing the MAC address anywhere in our app. We think it may be one of the SDK's or gems we are using.
宝石文件:
source :rubygems
gem 'bubble-wrap', :git => 'https://github.com/rubymotion/BubbleWrap.git'
gem 'teacup'
gem 'rake'
gem "cocoapods", "0.13.0"
gem 'motion-cocoapods', "1.1.0"
gem 'motion-testflight'
gem 'motion-table'
gem "Parsistence"
gem 'formotion'
gem "ProMotion"
gem "motion-addressbook"
唯一的外部api调用是 Parse.com 和testflight,因为我们正在使用这两个SDK
The only external api calls are to Parse.com and to testflight, as we are using both of these SDK's.
Parse说他们不会收集MAC地址,而除非您特别这样做,否则Testflight不会收集.
Parse said that they do not collect the MAC address, and Testflight doesn't unless you specifically do so.
我们还使用了这些可可豆荚:
We are also using these Cocoa pods:
"NSData + MD5Digest"
'NSData+MD5Digest'
'MBProgressHUD'
'MBProgressHUD'
"ASIHTTPRequest"
'ASIHTTPRequest'
'PHFRefreshControl'
'PHFRefreshControl'
'JSONKit'
问题:这些宝石或可可足类中的任何一个都需要MAC地址吗?
Question: Do any of these gems or Cocoapods call for the MAC address?
推荐答案
我想试飞或Parse可以检索MAC地址,即使他们不发送MAC地址,Apple可能也只是看到它们正在访问和发送内容.我认为这是因为,如果这些库中的任何一个通过网络发送MAC地址的未加密版本,那将是非常糟糕的,因此,也许Apple可以看到它的访问.您是否有机会在应用中使用广告网络?
I'd imagine test flight or Parse could have the ability to retrieve the MAC address and even if they don't send it Apple is probably just seeing that they are accessing and sending something. I assume this because it would be really bad if any of these libraries are sending an unencrypted version of the MAC address over network so maybe Apple can just see the accessing of it. Are you by any chance using an advertising network in your app?
这篇关于苹果拒绝了应用程序,因为它未经用户许可就传输了MAC地址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
