Overview › PII Data Flow & Third-Party SDKs (iOS)
PII Data Flow & Third-Party SDKs (iOS)
iOS-specific report.
Executive summary
iOS handles the same PII surface as Android — membership ID, email, phone, address, location, biometric tokens. Tokens stored in Keychain. Apple Privacy Manifest required since 2024; verify ours and every third-party SDK ship a PrivacyInfo.xcprivacy.
PII data-flow map (iOS)
| Data type | Storage | Transmission |
|---|---|---|
| Auth tokens | Keychain (Storage SPM) | Authorization header to BFF |
| Membership ID | Keychain or UserDefaults — verify | Sent to BFF + Adobe analytics |
| UserDefaults via Storage abstraction — verify encryption | Sent to BFF + analytics | |
| Location (lat/lng) | In-memory + cached for geofencing | Sent for warehouse selection |
| Device ID | IDFV (vendor identifier) | Sent to ThreatMetrix + analytics |
| Passkey credential | Apple Keychain (Secure Enclave) | Cryptographic challenge — never transmitted as raw cred |
Third-party SDKs (iOS)
- Adobe — Target, Optimize (via CostcoContentstack)
- Contentstack 1.5+ — CMS
- ThreatMetrix — device intelligence (SPM vendor wrapper)
- NokNok — Passkey / FIDO2 (SPM vendor wrapper)
- SDWebImage — image loading
- swift-algorithms — Apple utility
- RZVinyl, RZTransitions — Raizlabs custom forks
- SwiftLint — code quality (build-time only)
- iOSSnapshotTestCase, SnapshotTesting — testing only
Findings
CRITICAL
App Privacy Manifest required
Apple requires
PrivacyInfo.xcprivacy per app + per SDK accessing Required Reason APIs.Recommendation: Generate the app manifest now; collect SDK manifests before each release.
HIGH
App Store privacy nutrition labels alignment
App Store Connect privacy labels must match what each SDK actually collects.
Recommendation: Annual audit; cross-check vendor docs.
MEDIUM
ATS exception in NSE
Reduces overall HTTPS posture.
Recommendation: Replace with NSExceptionDomains.
Costco iOS · Code Review Report · Generated 2026-05-07 · 88 machine-curated findings