How to obtain the iPhone telephone number - iphone

I would like to use the iPhone mobile phone numbers as part of the security in my app. How would I go about doing this or if not possible, how could I obtain the UID number.
It believe it is possible to do this with Android or Winmobile phones.

There is UIDevice which has the uniqueIdentifier property

Heres Apples recomendation for using the UID
A device’s unique identifier
(sometimes abbreviated as UDID for
Unique Device Identifier) is a hash
value composed from various hardware
identifiers such as the device serial
number. It is guaranteed to be unique
for each device. The UDID is
independent of the device name. For
devices that use a SIM (subscriber
identity module) card, the UDID is
independent of the SIM card.
For user security and privacy, you
must not publicly associate a device’s
unique identifier with a user account.
You may use the UDID, in conjunction
with an application-specific user ID,
for identifying application-specific
data on your server. For example, you
use could a device-user combination ID
to control access to registered
products or when storing high scores
for a game in a central server.
However, if you are developing a game,
you may want to instead use Game
Center’s player identifier key as
explained in Game Kit Programming
Guide.
Important: Never store user
information based solely on the UDID.
Always use a combination of UDID and
application-specific user ID. A
combined ID ensures that if a user
passes a device on to another user,
the new user will not have access to
the original user’s dat
So it looks like if you are using this for storing data on a server you can use the UDID and a ID that you generate. Also it looks like Apple has gotten rid of many of the older ways that you would use to access the phone number.

Related

Ionic | how to give ID for each device

I need to find a way to give any id or something for each phone so i can use the database information under this id.
For example:
Device #45875 made a change.
\
Find in db id 45875 and change firstname to Bob.
To get id for a phone you can use UUID from the device plugin which
will give you a Universally Unique Identifier, you can check the
plugin details here. The details of how a UUID is generated are
determined by the device manufacturer and are specific to the
device's platform or model.
Also you can use the Unique Device ID plugin this one will
remain the same even if the user uninstall the app, This plugin
requires sim permissions. The id is generated by a combination of
the following:
Secure.ANDROID_ID: according to the android docs, this is stable over the whole livetime of a device
TelephonyManager.getDeviceId(): should be stable
TelephonyManager.getSimSerialNumber): depends on the SIM currently plugged to the device --> unstable
You can also use the sim plugin to get the deviceId for
example, the IMEI for GSM and the MEID or ESN for CDMA phones, you
will also need to have sim permissions to use it. It won't work on
devices without a sim card.
Just generate a GUID on first install and save it locally (e.g. using Ionic Storage). You can then send this identifier to your backend and create a "device" with this ID. You then use it in all communication between your app and the backend.
If you users log in to any account, like Facebook, Twitter, etc, connect this to the "device id". This way you can also have multiple devices connected to the same accounts etc.

Grant access to server only with validated IOS devices through Unique Identifier

I have 10 IOS devices in my company predominantly ipads running IOS 6. I have a server where I've created the appropriate web services for my devices to communicate with. I wish to extend the current setup by only allowing validated devices access to the webservices.
I have looked into passing the UDID as an extra attribute to the web server which would then be run against a database containing encrypted UDIDs and if its found a match then the device is validated and allow the web service process to continue.
However i understand that UDID is now depreciated. What is the easiest way i can implement a unique UDID for each device which would also work for future in-house application updates?
Why don't you create a standard login system whereby the user logs in on the device with a username and password, and then the server returns a certificate that can be used to validate future interactions? Why restrict users to specific devices when you can just require a login. The end result - limiting which users can use the system - is still realized, but in a more flexible and extensible way.
Use the UIDevice identifierForVendor to identify the device under iOS6.
[[UIDevice currentDevice] identifierForVendor]
From Apple docs:
"The value of this property is the same for apps that come from the same vendor running on the same device. A different value is returned for apps onthe same device that come from different vendors, and for apps on different devices regardles of vendor."
Another way I have used is to generate a UUID on the server, email it to the user with a URL scheme that opens the app and the app saves it in the keychain. The keychain saves the UUID across app delete/reinstall.
Use the MAC address of the device. It is not against Apple Policy and it NEVER changes.

what data can be gathered from a users iphone for user identification

I am doing some research about what types of data is (legally) available for me to store in a database to perform checks against if i decide to do a subscription based application.
For instance can my app query for the devices UDID number? then me save that number against the registration of the application.
As of iOS5, the API to obtain the device UDID has been deprecated for privacy reasons. There are efforts to find suitable replacements, however, such as https://github.com/gekitz/UIDevice-with-UniqueIdentifier-for-iOS-5, which uses the MAC address and application ID to create a unique identifier that is unique only to an individual app on a particular device.

Using UDID to create unique user identity

I am working on an iPhone App which communicates with a Server to store and exchange data. Since I would like to make it as simple as possible, I want to avoid registration (or mybe also the using of a password) for the user account. Is it possible (and allowed?) to get the UDID of the iPhone device and make eg. an MD5-hash of it, which I transfer to the server and use it for authentification? Since this ID is unique I could simply use it to login and get the user specified data from the server, without any need of creating login data.
Is it allowed to access the UDID, make an MD5-hash of it and store it in a database?
Second question is: how do I get the UDID? ;-)
Yes, it's allowed, but take into account what I have reported below, from the documentation.
You can retrieve the UDID as follows:
NSString *udid = [[UIDevice currentDevice] uniqueIdentifier];
Note the following from the offical Apple's documentation:
A device’s unique identifier (sometimes abbreviated as UDID for Unique Device Identifier) is a hash value composed from various hardware identifiers such as the device serial number. It is guaranteed to be unique for each device. The UDID is independent of the device name. For devices that use a SIM (subscriber identity module) card, the UDID is independent of the SIM card.
For user security and privacy, you must not publicly associate a device’s unique identifier with a user account.
You may use the UDID, in conjunction with an application-specific user ID, for identifying application-specific data on your server. For example, you use could a device-user combination ID to control access to registered products or when storing high scores for a game in a central server. However, if you are developing a game, you may want to instead use Game Center’s player identifier key as explained in Game Kit Programming Guide.
Important: Never store user information based solely on the UDID. Always use a combination of UDID and application-specific user ID. A combined ID ensures that if a user passes a device on to another user, the new user will not have access to the original user’s data.
I've used the UDID for checking if the device already has a running subscription.
Getting the UDID is easy:
NSString *udid = [[UIDevice currentDevice] uniqueIdentifier];
If you read up on the App store rules, there is a section about letting the user create an account to move the subscriptions to an other device.
In this section Apple makes clear that the account creation must be an username and password that the user must enter. The username can't be an e-mail address since it is personal information.
If you app leans heavy on the data, an optional user account creation would be advisable.
The AppStore Review guidelines can by found : http://developer.apple.com/appstore/resources/approval/guidelines.html
UDID is hidden since iOS-6 and later so you can uniquely identify device by:
NSString *UDID = [[UIDevice currentDevice] identifierForVendor];

Retrieving the Apple Id (or some kind of account id) in Objective C

I am writing a paid app for the store which gives you a 1 year subscription to some content.
This means I need to store on my web service db, when the user first launches the application some kind of unique user id (Apple ID?), along with the date. I can then do validation to check if the subscription is still valid.
I can see how to get a UDID but that's not really very good if they want to install it on another device with their existing iTunes account.
I would rather not make the user have to enter in an identifier themselves.
Keep in mind that the user may very easily change the apple id he or she is using on the device. He may even allow others (familiy members...) to use the same apple id. I wouldn't share mine, but there is no technical barrier for others to do so.
I can easily imagine apple not approving an app making such use of the users apple id, for this and a number of other reasons.
Having said this, I know of no way to retrieve it anyway.
Either tie the subscription to the UDID (and allow the user to migrate it later) or create some sort of accounts the users may log in to. I don't see a way around this...