Apple has removed hundreds of iPhone apps from iTunes store which contains AD SDK to collect users' personal information secretly. According to app analytics service SourceDNA, most of the 256 affected apps were made in China, but they were available worldwide on the app store and were downloaded 1 million times.
SourceDNA researchers found four major classes of information gathered by apps that use the Youmi AD SDK. They include:
- A list of all apps installed on the phone
- The platform serial number of iPhones or iPads themselves when they run older versions of iOS
- A list of hardware components on devices running newer versions of iOS and the serial numbers of these components, and
- The e-mail address associated with the user’s Apple ID
SourceDNA did not say which apps were affected. The company told Apple about the problem on Sunday, and Apple removed the apps on Monday.
Apple released a statement saying it will remove apps with Youmi from the App Store, and reject future submissions using the SDK:
“We’ve identified a group of apps that are using a third-party advertising SDK, developed by Youmi, a mobile advertising provider, that uses private APIs to gather private information, such as user email addresses and device identifiers, and route data to its company server. This is a violation of our security and privacy guidelines. The apps using Youmi’s SDK have been removed from the App Store and any new apps submitted to the App Store using this SDK will be rejected. We are working closely with developers to help them get updated versions of their apps that are safe for customers and in compliance with our guidelines back in the App Store quickly.”
Luckily, Apple now has banned those apps from iTunes store which will protect your personal information in a way.