Ad ID on your phone? What is it?


I’m sure some of you have already come to realize, your cell phone’s setting is getting to be very complicated. If you need to go to setting and try to do anything, you probably need a college degree or higher to try to figure it out.

Privacy has been a big topic recently as we really have no idea how much and when our personal information are being used and shared with others.  This is a huge topic for discussion, so let’s chop it up to smaller byte size articles.

Today, let’s talk about the “Ad Identifier” on your mobile devices – What is it?

You probably are not aware of it, your mobile device has an “Ad ID”, aka “IDFA” on IOS, or “AAID” on Android. Go to setting, and search for Ads or advertisement, you should be able to find it.

It is a key created and stored on your mobile devices (without you even know about it or ask for it). There are no specific permission requirement to access this data, so potentially any app on your mobile device can have access to it.  Sadly, there are very little transparency on its usage.

Problem is that this is a key that identify you, or should we say, your device.  This potentially can allow apps to track you without you knowing it, even allow third-party tracking activities and to profile you not just from one domain but cross domains.


A bit of history

In the early days, there are static device identifiers – the “Unique Device Identifier” (UDID) on IOS and the “Android ID” on Android.  This is an unique ID for your device but if they are shared with others, they can potentially be used to track you (or should we say, your device) on everything you do on that device. These identifiers were unique, permanent, and frequently accessed by third parties without we even know about it or require any consent to it.

What does this mean? basically this ID is your device fingerprint, and can be used to trace everything that you do with your mobile device. The word “Third Party” is critical here, for example you may access a bank/financial institution and a shopping site using the same phone, even though you use 2 different identities, someone can still profile you using the unique ID with the cross-site activities.

Bottom line: this is a major privacy problem.

So we complained, they got rid of the UDID and the Android ID, but replaced them with the Ad ID?

This is probably the most interesting and ridiculous part of this story, is the new Ad ID any better?

The one difference I can find so far is that there are option to reset or delete this ID. But still, while you have this ID on your device, there is little transparency on who has permission to this key ID.  I will come back and update this article with more detail, but first and most important thing, you need to figure out how to remove this ID as soon as possible, unless you like to be tracked. Here are a few notes that hopefully will help you, and there are plenty of other YouTube videos out there that will walk you through step by step.

How to remove Ad ID “AAID” on Android?

Go to setting on your mobile device and search for “Ads”, you will see a result under “Security and privacy” for Ads, click on Ads and you will see options to reset or delete the advertising ID.

Unfortunately, I can’t find any information on how you can find out which app were able to access your AD ID and who has access now. So the only option you have is to delete it.

How to remove Ad ID “IDFA” on IOS?

IOS doesn’t seem to allow you to delete the advertising ID, but it does allow you to reset it.

Apple does provide more options to set permission to access it. Go to setting and search for “advertisement”, make sure to switch off any tracking previously allowed and also switch off “Allow Apps to Request to Track”.

Apple requires apps to “ask permission” before they can access your “IDFA”, so make sure the review that carefully. select “Ask App Not to Track” to deny it IDFA access.

What’s Next?

This is a big privacy problem, we need more transparency on tracking activities happening on our devices, and how they are being used and shared. We also need more transparency on how company collect and use our data.

I have been reviewing a few “privacy oriented” web browsers and search engines as well, I will share with you my findings soon.