device-integritylisted

Verify device legitimacy and app integrity using DeviceCheck (DCDevice per-device bits) and App Attest (DCAppAttestService key generation, attestation, and assertion flows). Use when implementing fraud prevention, detecting compromised devices, validating app authenticity with Apple's servers, protecting sensitive API endpoints with attested requests, or adding device verification to a backend architecture.
dpearson2699/swift-ios-skills · ★ 730 · API & Backend · score 80

Install: claude install-skill dpearson2699/swift-ios-skills

# Device Integrity Verify that requests to your server come from a genuine Apple device running your unmodified app. DeviceCheck provides per-device bits for simple flags (e.g., "claimed promo offer"). App Attest uses Secure Enclave keys and Apple attestation to cryptographically prove app legitimacy on each request. ## Contents - [DCDevice (DeviceCheck Tokens)](#dcdevice-devicecheck-tokens) - [DCAppAttestService (App Attest)](#dcappattestservice-app-attest) - [App Attest Key Generation](#app-attest-key-generation) - [App Attest Attestation Flow](#app-attest-attestation-flow) - [App Attest Assertion Flow](#app-attest-assertion-flow) - [Server Verification Guidance](#server-verification-guidance) - [Error Handling](#error-handling) - [Common Patterns](#common-patterns) - [Common Mistakes](#common-mistakes) - [Review Checklist](#review-checklist) - [References](#references) ## DCDevice (DeviceCheck Tokens) [`DCDevice`](https://sosumi.ai/documentation/devicecheck/dcdevice) generates a unique, ephemeral token that identifies a device. The token is sent to your server, which then communicates with Apple's servers to read or set two per-device bits. Available on iOS 11+. ### Token Generation ```swift import DeviceCheck func generateDeviceToken() async throws -> Data { guard DCDevice.current.isSupported else { throw DeviceIntegrityError.deviceCheckUnsupported } return try await DCDevice.current.generateToken() } ``` ### Sending the Token to Your Server