1

My clients use my app in their private devices which are not under any MDM-control or under control of a foreign company. I want to make sure that my app can only be executed when some requirements are met like:

  • device is not jailbroken

  • device-password is set

At the end I want to make sure that no data is leaked, when the app is installed on private devices.

Is it necessary to install a client like mobile iron? If I can install a mdm-profile, this must only guarantee the required conditions for my app.

How do I archive this goal?

Nag
  • 1,438
  • 1
  • 11
  • 39
netshark1000
  • 7,245
  • 9
  • 59
  • 116

2 Answers2

0

iOS MDM management will enable you to tell if a managed device has a passcode set; I don't think there is any other way (short of jail-breaking) to detect this.

Your own application can attempt to do jailbreak detection; Apple's MDM by itself cannot do jail-break detection.

rlandster
  • 7,294
  • 14
  • 58
  • 96
0

Someone has already asked a similar question about detecting a jailbroken device: Determining if an iPhone is Jail broken Programatically. There are also some answers to a question about checking if a password is set but I don't think the code in the answers covers this for you. You might want to check it out though.

You need to be aware that fighting these device compromises is an ongoing battle. There may be a point where the code you have written is ineffective at determining a jailbroken device. This means that you cannot promise that your app will not run on jailbroken devices unless you are planning on tracking all of the techniques in the wild, and releasing new versions to keep up with the threat.

Community
  • 1
  • 1
Brian Lyttle
  • 14,558
  • 15
  • 68
  • 104