iOS In-House App Distribution

Question

My client wants to control which device is running the app but also needs to distribute the app to more than 100 devices.

In case someone manages to get the .ipa he

Answer 1

You need to implement your own copy protection method if you want to ensure that enterprise apps are not installed on unauthorized devices. The enterprise provisioning profile does not include the UDID and they are no other means from Apple to specify the allowed devices.

Answer 2

If you distribute your app as an Enterprise app you can't tie it to a UDID like ad-hoc deployment (granted as an Enterprise developer you still have 100 devices you can distribute as ad-hoc to).

You can use TestFlight for distribution of Enterprise apps, it allows you to maintain lists of authorized users/devices and you can manage who gets builds etc such that Testflight's installation process will only install your app onto devices you've authorized. Even if the email is opened on a unauthorized device it won't install. Users could still endeavor to get your app off their device and try to install it elsewhere but...

If the devices are all < iOS6 you could references the devices' uniqueIdentifier and check that against a maintained list of UDID's such that the app can obviously still be installed but it couldn't be run.

Another alternative is requiring them to sign into the app on launch or it won't run.