I'm pretty sure that the Uber App is still fingerprinting your iPhone.<p>I have an iPhone 7 Plus and recently moved cities. Which means that I had to get a new phone number (my old number was really old and I didn't want to port it to the new circle - kind of start a new life).<p>So, I deleted the Uber App, installed the new SIM card and installed the Uber app back again.<p>However, it definitely seems that Uber is still fingerprinting my iPhone and not letting me sign up with a new phone number. After signing up, it blocked my new number.<p>So, I tried again - tried with a new phone number. Deleted the Uber app, installed it back again, and Uber blocked that again instantaneously.<p>Is it legal to fingerprint iPhones after the app is deleted and installed back. I know that UUID is now legacy, and that there was a ruckus a few months back that Apple threatened to remove the Uber App if it continues to fingerprint.<p>I wrote to the Uber Support, but as usual, disclosing anything and helping out is against their policies.<p>Can any Uber and Apple engineer here throw light on this matter?
Apple provides the new “DeviceCheck” framework in iOS 11 to give Uber a “legal” way to do this: <a href="https://developer.apple.com/documentation/devicecheck" rel="nofollow">https://developer.apple.com/documentation/devicecheck</a><p>It allows them to set a bit that permanently “marks” your phone, across installs, while protecting the user from the issues of fingerprinting. In fact, they explicitly call this out as an intended use of the new framework:<p>> You might use this data to identify devices that have already taken advantage of a promotional offer that you provide, or to flag a device that you've determined to be fraudulent.<p>Not to say they aren’t still doing something shady, but it’s at least theoretically possible they aren’t.
This is very simple. It was done via the advertising identifier (IDFA). If you don’t reset it between uninstalling and reinstalling, you’re still the same person.<p>This also applies to keychain data. If you uninstall an app, it’s data is still kept in the keychain, and is accessible again after reinstalling. Not sure how you could clear this as a user.<p>This isn’t fingerprinting. It is explicitly allowed by Apple.<p>As an aside, the new DeviceCheck system cannot be used for fingerprinting. All it could have done is to flag your device as fraudulent pre-uninstall if they thought you were problematic. DeviceCheck allows for the storage of exactly two bits of data - literally four possible values. It was certainly not done with this.
It is not the only App that probably fingerprints your phone. Whisper also does it, despite marketing themselves as a safe and anonymous place for vulnerable people to express themselves. It would be very helpful if anyone could comment on how to stop them. Note that this[1] was going on more than 1 year ago<p>[1] <a href="https://news.ycombinator.com/item?id=12973748" rel="nofollow">https://news.ycombinator.com/item?id=12973748</a>
OP Here: So, is there any solution how can I start using the Uber app again?<p>Uber support doesn't seem to care what the issue is and keeps telling that they can't do anything about it.<p>I don't have any other Uber apps installed on my phone, can get a new phone number to signup.
Maybe you could do a full restore of iOS to get around the issue? If you could jailbreak, there might be a workaround as well, but as far as I know, there isn't a jailbreak available for iOS 11.
It is very simple if they are storing some identifier in keychains. Keychain items persist between the app install. There are a lot of apps which do this.