Latest in Gear

Image credit: Jaap Arriens/NurPhoto via Getty Images

Apple threatened to drop Uber's app over iPhone tagging (updated)

Uber's app could identify iPhones even after they'd been wiped.
1734 Shares
Share
Tweet
Share
Save

Sponsored Links

Jaap Arriens/NurPhoto via Getty Images

Uber is no stranger to trouble, but it may have landed in some especially hot water two years ago. New York Times sources claim that Apple CEO Tim Cook held a face-to-face meeting in early 2015 to call out Uber's Travis Kalanick (and threaten to remove his app from the App Store) after learning that Uber was not only violating iOS app privacy guidelines, but was trying to cover it up. Reportedly, the ridesharing outfit had been "fingerprinting" iPhones with permanent identities so that it could prevent drivers from cheating by creating fake accounts and accepting rides from these bogus customers. The IDs would last even after the app was deleted or the entire phone was wiped. While this helped keep drivers honest, it was clearly a privacy violation -- and it was made worse by Uber's bid to hide the tracking from App Store reviewers.

Reportedly, Kalanick told staff to "obfuscate" the Uber app's fingerprinting code for anyone operating from Apple's current headquarters in Cupertino. As far as the people at Infinite Loop could see, it was business as usual. However, the trick didn't work for long. Apple workers outside of the headquarters eventually spotted the shady behavior, leading to the meeting with Kalanick. The approach isn't that uncommon for Uber (it recently admitted that it used location-based techniques to fool regulators), but it's particularly brazen given the risk of being dropped from the App Store and losing millions of customers.

Apple isn't commenting on the meeting with Cook, and we've reached out to Uber for its take on the allegations. However, it's safe to say that Uber would like to leave an issue like this in the past. The company is trying to turn a corner, and Kalanick himself is looking for a second-in-command to keep his boundary-pushing tendencies in check. This revelation certainly won't help matters, though. It reinforces the notion that Uber is all too willing to break rules in the name of money, even if it's motivated by honest concerns like fraud.

Update: Uber has responded to Engadget, and maintains that its staff "absolutely do not" track individual users after they've deleted the app. At present, it spots potential fraud through a mix of common red flags (such as unusual IP addresses and GPS locations) and undisclosed methods. The company adds that fingerprinting is a "typical way" of preventing people from using stolen phones for joyrides, and otherwise thwarting "known bad actors." You can read the full statement below. It's good to hear that the company isn't tracking people, but the heart of the story revolves around hardware fingerprints -- those still violated Apple's privacy guidelines, even if Uber couldn't definitively associate phones with specific customers.

"We absolutely do not track individual users or their location if they've deleted the app. As the New York Times story notes towards the very end, this is a typical way to prevent fraudsters from loading Uber onto a stolen phone, putting in a stolen credit card, taking an expensive ride and then wiping the phone—over and over again. Similar techniques are also used for detecting and blocking suspicious logins to protect our users' accounts. Being able to recognize known bad actors when they try to get back onto our network is an important security measure for both Uber and our users."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
1734 Shares
Share
Tweet
Share
Save

Popular on Engadget

'Fortnite' will soon offer an Annual Pass with exclusive items

'Fortnite' will soon offer an Annual Pass with exclusive items

View
NASA finds water ice just below the surface of Mars

NASA finds water ice just below the surface of Mars

View
Anthem's winter update, 'Icetide' is here

Anthem's winter update, 'Icetide' is here

View
Opera's gaming-focused GX browser comes to macOS

Opera's gaming-focused GX browser comes to macOS

View
Even Facebook Messenger is getting in on the Star Wars hype

Even Facebook Messenger is getting in on the Star Wars hype

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr