Hello, I have noticed that some users have modified their real location through an app called "MGU" to bypass my app's security checks. I want to know how to protect my app and detect users using virtual location. I have reproduced the process of virtual positioning here:
- Insert a plug-in through the interface at the bottom of the phone and connect it via Bluetooth on the phone
- Set the desired positioning target on the "MGU" app
- Turn off your phone's WiFi, network, and location for 10 seconds, then turn it back on
At this point, virtual positioning is successful. Please assist me in troubleshooting this issue and inform me of the principle of implementing virtual positioning in this app and how to prevent it. The following is the screen recording of virtual positioning operation:
https://flowus.cn/share/145b3232-26c3-4ea3-b3ff-4aad1495eb4d
You can use the .sourceInformation property of the CLLocation data you receive. This property may have .isProducedByAccessory or .isSimulatedBySoftware TRUE and you can make your business decision based on that.
These properties is not an indication of fraud, but only that the location is simulated or coming from an external source. Keep in mind that there will be legitimate uses of external devices, so you may want to make sure you are not giving your users substandard service based on this information.
Argun Tekant / DTS Engineer / Core Technologies
