• @dohpaz42
    link
    English
    493 months ago

    Apple urges developers to not use DeviceCheck for anything beyond basic device verification, and if you’re a developer that’s also misusing it, then you should definitely cease that—there are probably more reliable ways to check whether it’s the same user trying to access an account from a device or not.

    Sounds reasonable…

    But then, why would you use it?

    For example, you might use this data to identify devices that have already taken advantage of a promotional offer that you provide, or to flag a device that you’ve determined to be fraudulent.

    Oh, ok. Wait, what? But…

    • @Giooschi
      link
      English
      113 months ago

      Luckily Apple strictly controls the App Store and will never allow apps to abuse this, right? Right?

    • @[email protected]
      link
      fedilink
      English
      33 months ago

      Yeah? That makes perfect sense, don’t use it beyond a basic device verification, for example verifying if the device has already been used in a promo or stolen.

      Those are instances where you need to check the device itself not the user.