1. 程式人生 > >獲取使用者隱私資訊,蘋果稽核app被拒(2.5.13 5.1.1 5.1.2)

獲取使用者隱私資訊,蘋果稽核app被拒(2.5.13 5.1.1 5.1.2)

發件人 Apple2. 1 Performance: App Completeness2. 5 Performance: Software Requirements5. 1.1 Legal: Privacy - Data Collection and Storage5. 1.2 Legal: Privacy - Data Use and SharingGuideline 2.1 - Information NeededWe have started the review of your app, but we are not able to continue because we need additional information about your app.Next StepsTo help us proceed with the review of your app, please provide detailed information to the following questions. The more information you can provide upfront, the sooner we can complete your review.- What are the correlation between information such as national ID, national ID number, educational background, martial status and current address with phone recycling?- What is the correlation of credit score and selling of mobile device?- What is the purpose of requesting contact information?Guideline 2.5.13 - Performance - Software RequirementsWe noticed that your app includes facial recognition for account authentication but uses a facial recognition technology other than LocalAuthentication.Next StepsTo resolve this issue, please revise your app to use LocalAuthentication for any account authentication based on facial recognition.ResourcesVisit Apple Developer for resources on using LocalAuthentication to request authentication from users.Guideline 5.1.1 - Legal - Privacy - Data Collection and StorageWe noticed that your app requests the user’s consent to access their camera and contact information but does not clarify the use of this feature in the permission modal alert.Please see attached screenshots for details.Next StepsTo resolve this issue, please revise the permission modal alert to specify why the app is requesting access to the user's camera and contact information.ResourcesTo learn more about requesting the user’s permission to access app features, visit the iOS Human Interface Guidelines. You may also want to review the Technical Q&A QA1937: Resolving the Privacy-Sensitive Data App Rejection page for details on how to provide a usage description for permission request alerts.Guideline 5.1.2 - Legal - Privacy - Data Use and SharingYour app accesses user data from the device but does not have the required precautions in place.Next StepsTo collect personal data with your app, you must make it clear to the user that their personal data will be uploaded to your server and you must obtain the user's consent before the data is uploaded. You must also have a Privacy Policy URL and ensure that the URL you provide directs users to your privacy policy.- Starting with iOS 6, there are keys for specifying the reason the app will access the user's protected data. When the access prompt is displayed, the purpose specified in these keys is displayed in that dialog box. If your app will be transmitting protected user data, the usage string in your access request should clearly inform the user that their data will be uploaded to your server if they consent.ResourcesFor more information on these keys, please review the Information Property List Key Reference.解決準則2.1 - 需要的資訊蘋果想了解更多的關於app的資訊:(因為我們專案中獲取了很多使用者的隱私資訊,身份證,教育背景,住址,通訊錄等)- 國家身份證,國民身份證號碼,教育背景,軍事身份和當前地址等資訊與電話回收之間的相關性如何?- 信用評分與移動裝置銷售的相關性是什麼?- 請求聯絡資訊的目的是什麼?這個需要在被拒的申訴裡,貼上他們瞭解的資訊,態度要好一點,理由也要充分合理Dear sir / madam, 
hello,In order to let you know more about our app, more information about our app is below, please check:/具體獲取使用者隱私資訊的作用/If you need more informations, please contact us.Thank you very much. All the best. Yours faithfully  **申訴的時候,蘋果那邊回覆的郵件:Guideline 2.1 - Information NeededThis type of app has been identified as one that may violate one or more of the following App Store Review Guidelines. Specifically, these types of apps often:
1.1.6 - Include false information, features, or misleading metadata2.3.0 - Undergo significant concept changes after approval2.3.1 - Have hidden or undocumented features, including hidden "switches" that redirect to a gambling or lottery website3.2.1 - Do not come from the financial institution performing the loan services
4.3.0 - Are a duplicate of another app or are conspicuously similar to another appBefore we can continue with our review, please confirm that this app does not violate any of the above guidelines. You may reply to this message in Resolution Center or the App Review Information section in iTunes Connect to verify this app’s compliance. Given the tendency for apps of this type to violate the aforementioned guidelines, this review will take additional time. If at any time we discover that this app is in violation of these guidelines, the app will be rejected and removed from the App Store, and it may result in the termination of your Apple Developer Program account.Should you choose to resubmit this app without confirming this app’s compliance, the next submission of this app will still require a longer review time. Additionally, this app will not be eligible for an expedited review until we have received your confirmation.再次申訴:需要再次確認我們並沒有違反他們的規定,申請繼續稽核Dear sir / madam, We have checked our app and make sure that we haven’t violated the rules: 1.1.6 2.3.0 2.3.1 3.2.1 4.3.0./當然也可以一起把其它問題一併附上,消除蘋果那邊對我們的疑惑。/.If you need other informations or more details, please contact us soon. We will fully cooperates in your demands.Look forward to your soonest reply.Thank you very much. All the best. Yours faithfully  **解決準則2.5.13 - 效能 - 軟體要求   我們注意到您的應用包含面部識別以進行帳戶驗證,但使用了LocalAuthentication以外的面部識別技術。因為我們專案裡用到了第三方人臉識別face++,但是蘋果條款裡:2.5.13 使用人臉識別進行帳戶驗證的 app 必須使用 LocalAuthentication (而非 ARKit 或其他人臉識別技術),且必須對未滿 13 歲的使用者使用備用身份驗證方式。我們解決方案是:把他們提到的人臉識別給隱藏了(其實是後臺通過一個欄位控制,當稽核通過之後,再展示出來)。解決:準則5.1.1 - 法律 - 隱私 - 資料收集和儲存。我們注意到您的應用請求使用者同意訪問他們的相機和聯絡資訊但未在許可模式警報中說明使用此功能。這個是說,在獲取使用者的相機,聯絡方式等,沒有給到使用者明確的提示,獲取這些資訊是做什麼用的。
解決準則5.1.2 - 法律 - 隱私 - 資料使用和共享  要使用您的應用收集個人資料,您必須向用戶明確其個人資料將上傳至您的伺服器,並且您必須獲得使用者的同意才能上傳資料。您還必須擁有隱私政策URL,並確保您提供的URL將使用者引導至您的隱私政策。需要在蘋果截圖有問題的介面:如獲取通訊錄上傳到伺服器上增加一個隱私政策url協議,並且在app提交資訊裡填寫上:
被拒了好幾次,最後皆大歡喜。