Apple has removed hundreds of apps from its App Store for reportedly gathering personal data secretively by using software kit developed by a Chinese company.
Security analytics company Source DNA said that some apps are gathering e-mail addresses, unique serial numbers, and other information from Apple device users through private APIs.
Source DNA said in a post: "We’ve found hundreds of apps in the App Store that extract personally identifiable user information via private APIs that Apple has forbidden them from calling.
"This is the first time we’ve seen iOS apps successfully bypass the app review process. But, based on what we learned, it might not be the last.
The Apple App store already has a very stringent privacy policy and rules regarding personal data collection.
The security analytics firm however said that that a Chinese company Youmi got access to the private APIs of the apps through a third-party advertising SDK.
It helped the company store the data and pass them on to its own server.
Following the report, Apple has removed them from the App Store.
Apple said in a statement: "We’ve identified a group of apps that are using a third-party advertising SDK, developed by Youmi, a mobile advertising provider, that uses private APIs to gather private information, such as user email addresses and device identifiers, and route data to its company server.
"This is a violation of our security and privacy guidelines. The apps using Youmi’s SDK will be removed from the App Store and any new apps submitted to the App Store using this SDK will be rejected.
"We are working closely with developers to help them get updated versions of their apps that are safe for customers and in compliance with our guidelines back in the App Store quickly."
