Apple replaced the hardware ID with a random number (the IDFA) that could be reset by the user at any time, or turned off completely.
Google eventually followed suit, although any app that received the. READ_PHONE_STATE permission was immune to the protections.
> READ_PHONE_STATE is one of the Android permissions categorized as dangerous. This is because it “allows read only access to phone state, including the phone number of the device, current cellular network information, the status of any ongoing calls, and a list of any Phone Accounts registered on the device”.
... it is often requested and misused by other types of applications that do not have any reason for needing it, including malware.
There has been a setting to turn the IDFA completely off for well over a decade.
Previously, apps on iOS or Android had access to the unchanging hardware ID number of the device.
> Apple notes that it will be phasing out access to the unique device identifier, or UDID, on iOS devices such as iPhones and iPads.
This is a big deal, especially for any mobile ad networks, game networks or any app which relies on the UDID to identify users.
https://techcrunch.com/2011/08/19/apple-ios-5-phasing-out-ud...
Apple replaced the hardware ID with a random number (the IDFA) that could be reset by the user at any time, or turned off completely.
Google eventually followed suit, although any app that received the. READ_PHONE_STATE permission was immune to the protections.
> READ_PHONE_STATE is one of the Android permissions categorized as dangerous. This is because it “allows read only access to phone state, including the phone number of the device, current cellular network information, the status of any ongoing calls, and a list of any Phone Accounts registered on the device”.
... it is often requested and misused by other types of applications that do not have any reason for needing it, including malware.
https://file.scirp.org/Html/1-6101658_80235.htm
The recent changes at Apple were to make the IDFA opt out by default and to track the permission to use it per app instead of per device.