iOS In-House App Distribution

Question

My client wants to control which device is running the app but also needs to distribute the app to more than 100 devices.

In case someone manages to get the .ipa he doesn't want him to be able to run it on a non authorized device.

I'm unsure about the following: under the enterprise development program can, and if so how, an app be tied to an device UUID (as for ad-hoc deployment) or do I have to secure the app distribution process entirely ?

Thank you.

Answer 1

If you distribute your app as an Enterprise app you can't tie it to a UDID like ad-hoc deployment (granted as an Enterprise developer you still have 100 devices you can distribute as ad-hoc to).

You can use TestFlight for distribution of Enterprise apps, it allows you to maintain lists of authorized users/devices and you can manage who gets builds etc such that Testflight's installation process will only install your app onto devices you've authorized. Even if the email is opened on a unauthorized device it won't install. Users could still endeavor to get your app off their device and try to install it elsewhere but...

If the devices are all < iOS6 you could references the devices' uniqueIdentifier and check that against a maintained list of UDID's such that the app can obviously still be installed but it couldn't be run.

Another alternative is requiring them to sign into the app on launch or it won't run.

Answer 2

You need to implement your own copy protection method if you want to ensure that enterprise apps are not installed on unauthorized devices. The enterprise provisioning profile does not include the UDID and they are no other means from Apple to specify the allowed devices.