Apple Orders the Removal of Apps using Root Certs

AppleLast week, Apple removed several applications from its store, a decision that can prove to be a challenge for iOS developers when guidelines for applications changed. “Choice” was one of the many applications removed by the company. The app, developed by a company based in Palo Alto, functioned to interrupt encrypted traffic sent to several companies, including Google, Pinterest, Facebook, and Yahoo, in order to block in-app pop-up ads.

Apple stood by its decision to remove the applications stating that the apps use of root digital certificates left users’ private data vulnerable to outside sources. The co-founder of Been, David Yoon, whose company is responsible for creating the “Choice” app, said that it put their developers to work to remove the root certificate immediately after Apple’s announcement.

They are waiting for Apple’s approval of the modified version of the application. “Choice” won Apple’s approval in June when Apple was allowing developers to create apps using root certificates. Root certificates are not necessarily a threat to the user, but they do give the app the permission to commence an encrypted connection with a Web service in order to examine the traffic by privately accessing it with its own key.

“Choice” and other apps using the root cert aimed to increase visibility on social media networking sites such as Facebook. Facebook encrypts its in-app ads and content with Secure Socket Layer/Transport Security Layer (SSL/TLS) encryption.  When users install “Choice,” it blocks those ads as well as third-party tracking devices and services not using SSL/TLS.

Since Edward Snowden, the NSA leaker, revealed the extensive data gathering operation underway by the spy agencies of the United States, most technology companies began to encrypt their services completely, enabling them to deliver ads and content over SSL/TLS.

According to Yoon, their company had disclosed to users of how they were able to block ads within services protected by SSL/TLS. Furthermore, he wants to clarify that they did not hold on to any traffic from the devices of users. Yoon understands Apple’s reason for removing apps such as “Choice,” but he also admits that they did not think that they were creating an unsafe environment for users who downloaded their app.

AppleIn the future, the co-founder of Been is unsure if Apple willallow them to use root certs in another way or not. He also said that over 10,000 people have downloaded “Choice,” and that they have plans to expand on the app’s capabilities down the line.

Their app has an “Earn” mode, which allows users to enable ads. If users opt for that mode, it will allow their app to collect data such as when the person uses it. Yoon wants users to be fully aware of their plans to gather data and he has given users an option to opt out of it. Most users are not aware about the app tracking their online activity and Been wants to change that.

The company’s “Earn” mode gives users money for allowing them to track their online activity. For the online advertising market, this type of incentive is a first. If people use “Earn” for one day, they will earn 1,000 points. After using it for a month, users will earn 30,000 points, which will earn them $20.

Before Been can make any of this happen, they have to wait for Apple’s approval so they can reintroduce their app in the store.

Be the first to comment on "Apple Orders the Removal of Apps using Root Certs"

Leave a comment

Your email address will not be published.


Time limit is exhausted. Please reload the CAPTCHA.