Does Apple have a policy restricting generic UUID with iBeacon apps in the app store?

Question

I heard that developers must specify clearly the list of iBeacon UUID their app is working with, and that each change in this list would require an update. The reason would be to prevent companies to apply "counter-marketing" strategies, using their opponents' iBeacons to broadcast their own coupons.

I'm developing a generic app that may let the user input his iBeacon's UUID or fetch them from a server.

Would this application be really rejected by the appstore's validation process ?

Answer 1

The answer is yes, Apple is rejecting the apps that let the user input iBeacon UUID. If you fetch an uuid from a server, that would probably result in the same problem.

Just a quote from an article about this issue :

We’ve been receiving reports that Apple has recently taken its “lock down” of UUID scanning a step further. Before, you needed to specify the UUID numbers you were scanning for in your app, but you could also manually input those numbers.

But now, Apple is rejecting apps that have this functionality. Awwapps is one of the documented cases of this rejection:

"With the upcoming updates of our iBeacon apps Launch Here and Travel Radar we will remove the option to manually add and edit iBeacon credentials (UUIDs, Major ID, Minor ID). This is not our choice. We do this to keep the apps in the App Store. We’ll do our best to come up with other options to add your iBeacons – better options…We will improve on this and extend support to more iBeacon vendors…Please note that a general scanning of all iBeacons around is not possible on iOS. We rely on your input to cover all commonly used iBeacons."

Source : http://beekn.net/2014/05/apple-closed-system-apple-slowly-locking-ibeacon/

Why :

Apple decided this for security reason. That allows developers to prevent their ibeacons of being used by others companies.

Why it's not a big deal :

Most beacons constructors set up their beacons with the same UUID. So the most commons beacons may still be found, unless the UUID was changed for security reasons. For example, by default, the UUID for all the iBeacons built by Estimote is "B9407F30-F5F8-466E-AFF9-25556B57FE6D". You then rely on the "major" and "minor" id sent by the beacon to develop your application.

iBeacons aren't invisible :

It's possible on Android devices to develop an application able to see all the iBeacons in range, and to get it published on the Play Store without any trouble. On iOS, it's still technically possible that an application may let the user input the UUID value, it just won't be approved by the App Store.

And of course, the iBeacons still emits Bluetooth data that still physically exists in the air.