Redacted Sample Report

Example iOS Sports App - iOS

Generated April 25, 2026 · 12 SDK/framework findings · 4 high-risk

This redacted sample is based on an actual SDKAnalyzer iOS review. App-specific identifiers have been normalized, but the structure, evidence style, vendor categories, confidence language, and risk framing mirror the kind of report a customer receives.

Binary Metadata

Identifiers are shown in redacted form for this public sample.

Bundle ID

com.example.sports.ios

Version string

2.140.x (normalized)

Build number

2026.04.25-redacted

IPA SHA-256

f4c9...a7d2 (redacted sample hash)

Extraction timestamp

2026-04-25 22:40 UTC

App Store URL

https://apps.apple.com/app/example-ios-sports-app/id0000000000

Evidence Sources

The review starts with static artifacts visible in the app package: framework names, bundle metadata, privacy manifests, resources, strings, and vendor-specific identifiers. These signals are cross-checked against canonical vendor references before a finding is summarized.

Apple privacy manifest reference

Confidence Tiers

Detected with high confidence

Named framework match plus bundle metadata, privacy manifest, or vendor-specific resources.

Detected with medium confidence

Strong string, class, or endpoint evidence where the package is visible but less self-describing.

Inferred

Network endpoint, configuration, or runtime-adjacent evidence that indicates likely use but needs follow-up.

Scope & Limitations

Findings reflect what was detectable from static inspection. Static analysis can prove that code or declared behavior is bundled; it cannot prove exactly when code runs, what server-side systems receive, or whether dynamically loaded modules are used after launch.

Privacy Risk Ratings

Low - infrastructure, rendering, or low-sensitivity telemetry with little inherent third-party data exposure.

Medium - user-linked analytics, support, fraud, or authentication data where configuration materially affects exposure.

High - precise location, biometrics, identity documents, session replay, or other highly sensitive data paths.

4 High Risk · 5 Medium Risk · 3 Low Risk

SDK Findings

Amplitude Session Replay · Session Replay · High Risk · Detected with high confidence
AmplitudeSessionReplay.framework

Records and reconstructs user sessions so product teams can inspect navigation, gestures, and rendered screen states.

Sensitive / PII Received

Rendered UI state and interaction data. If masking is incomplete, visible account, payment, identity, or support details can be captured.

Confidence & Evidence

Named framework match and session-replay-specific binary/resources.

Privacy Manifest / Static Evidence

Product interaction data declared for analytics, linked to user, with tracking not declared in the sampled manifest.

AmplitudeSessionReplay.framework, session replay resources, privacy manifest product-interaction declarations.

Trust Assessment

Reputable vendor, but operationally high sensitivity because masking rules and screen exclusions must stay correct as the app changes.

Technical Details

Session replay is a distinct finding because its privacy profile is materially different from ordinary event analytics. The SDK may be safe when configured carefully, but the blast radius is higher.

GeoComply · Regulatory Geolocation · High Risk · Detected with high confidence
GeoComplySDK.framework

Compliance-grade geolocation and device integrity SDK commonly used to verify whether a user is physically allowed to transact in a regulated market.

Sensitive / PII Received

Precise and coarse location, device identifiers, phone/user identifiers, and device-integrity signals.

Confidence & Evidence

Named framework match plus privacy manifest location/device declarations.

Privacy Manifest / Static Evidence

Location, device ID, phone number, and user ID categories were visible in the sampled framework manifest.

GeoComplySDK.framework, framework bundle metadata, privacy manifest location and device categories.

Trust Assessment

Specialized regulated-market vendor. Sensitivity is high because precise location is intrinsic to the product's purpose.

Technical Details

The framework is treated as a compliance dependency rather than a discretionary marketing dependency. Runtime testing would be needed to verify exact trigger points and transmission frequency.

Incode Onboarding · Identity Verification · High Risk · Detected with high confidence
IncdOnboarding.framework

Identity verification and onboarding SDK used for document capture, liveness checks, biometric verification, and KYC-style screening.

Sensitive / PII Received

Name, phone number, address, precise location, government ID images, photos/videos, biometric face data, user ID, and device ID.

Confidence & Evidence

Named framework match and identity/KYC privacy manifest categories.

Privacy Manifest / Static Evidence

Sensitive identity, location, photo/video, user ID, and device ID categories were visible in the sampled framework manifest.

IncdOnboarding.framework, onboarding resources, privacy manifest identity and photo/video categories.

Trust Assessment

Recognized identity-verification provider. Risk is inherently high because the data type is sensitive, even when collection is legitimate.

Technical Details

The framework name and resources strongly indicate a KYC/onboarding flow. This is the kind of SDK whose presence is difficult for non-technical buyers to validate without inspecting the app package.

Radar · Location Platform · High Risk · Detected with high confidence
RadarSDK.framework

Location platform for geofencing, place detection, trip tracking, and address/location-aware product features.

Sensitive / PII Received

Precise and coarse location, user ID, device ID, performance data, and diagnostic data.

Confidence & Evidence

Named framework match, location SDK metadata, and privacy manifest evidence.

Privacy Manifest / Static Evidence

Location, user ID, device ID, performance, and diagnostic data categories were visible in the sampled framework manifest.

RadarSDK.framework, framework metadata, location-related privacy manifest categories.

Trust Assessment

Established location-platform vendor. Risk is high because continuous or repeated location collection is sensitive even when not used for advertising.

Technical Details

The report separates Radar from regulatory geolocation because the likely use cases and data-governance questions are different.

Amplitude Analytics / Engagement · Product Analytics · Medium Risk · Detected with high confidence
AmplitudeCore.framework, AmplitudeEngagementSwift.framework

Product analytics and engagement runtime used to record app events, identify sessions, and target in-app messages or surveys.

Sensitive / PII Received

Behavioral product events, device/session identifiers, and any user-scoped attributes the app chooses to attach.

Confidence & Evidence

Named framework match, companion framework pattern, and in-bundle privacy manifest evidence.

Privacy Manifest / Static Evidence

Product interaction data declared for analytics, linked to user, with cross-app tracking not declared in the sampled manifests.

AmplitudeCore.framework, AmplitudeEngagementSwift.framework, privacy manifest declarations, engagement runtime resources.

Trust Assessment

Established analytics vendor. Residual risk depends on instrumentation discipline and whether sensitive fields are logged into events.

Technical Details

Framework names and bundled resources identify the Amplitude analytics stack and engagement runtime. This finding is treated as a product telemetry dependency rather than an advertising SDK.

HUMAN / PerimeterX · Fraud / Bot Defense · Medium Risk · Detected with high confidence
PerimeterX_SDK.framework

Bot, account-abuse, and automated-traffic defense SDK used to generate device and behavior signals for risk scoring.

Sensitive / PII Received

Device and interaction signals, diagnostic envelope, and request metadata used for fraud and bot classification.

Confidence & Evidence

Named framework match and vendor-specific SDK lineage.

Privacy Manifest / Static Evidence

Device ID, product interaction, crash, and other diagnostic categories were visible in the sampled framework manifest.

PerimeterX_SDK.framework, HUMAN/PerimeterX symbols, security SDK resources, privacy manifest categories.

Trust Assessment

Specialized security vendor. Data is risk-signaling rather than marketing attribution, but it still expands third-party device telemetry.

Technical Details

The sampled framework used legacy PerimeterX naming, while public documentation now reflects HUMAN Security branding and SDK migration.

Prove Mobile Auth · Phone Identity · Medium Risk · Detected with high confidence
ProveMobileAuth.framework

Phone-centric authentication SDK used to confirm device or SIM possession and reduce friction during sensitive account actions.

Sensitive / PII Received

Phone number plus carrier, device, and authentication context signals.

Confidence & Evidence

Named framework match and phone-authentication privacy manifest categories.

Privacy Manifest / Static Evidence

Phone number and other app-functionality data categories were visible in the sampled framework manifest.

ProveMobileAuth.framework, phone-authentication strings, privacy manifest phone-number category.

Trust Assessment

Established identity-authentication vendor. Medium risk because phone number is personal data, but use is tied to account security.

Technical Details

The framework is distinct from document KYC. It appears to support account authentication and phone-possession checks rather than onboarding document review.

Salesforce Service · Customer Support · Medium Risk · Detected with high confidence
ServiceChat.framework, ServiceCore.framework

In-app support chat and shared service layer used to connect users with customer support workflows.

Sensitive / PII Received

Chat transcripts, session metadata, support attachments, user identifiers, and any account details typed by the user.

Confidence & Evidence

Named framework match and Salesforce Service SDK bundle identifiers.

Privacy Manifest / Static Evidence

No standalone privacy manifest was visible for the sampled frameworks; handling is governed by vendor and app-level disclosures.

ServiceChat.framework, ServiceCore.framework, Salesforce Service SDK identifiers.

Trust Assessment

Enterprise support vendor. The sensitivity comes from chat content and access controls rather than the SDK name alone.

Technical Details

ServiceChat and ServiceCore are grouped because they operate as one customer-support stack in the app package.

ThreatMetrix · Device Risk · Medium Risk · Detected with high confidence
TMXProfiling.framework, TMXProfilingConnections.framework

Device-fingerprinting and digital identity risk SDK used to score sessions for fraud, account takeover, and synthetic-identity risk.

Sensitive / PII Received

Device, network, location, timestamp, storage, and other risk signals used for profiling and fraud decisions.

Confidence & Evidence

Named framework match, companion transport module, and vendor-specific profiling symbols.

Privacy Manifest / Static Evidence

Location, required-reason API, and other data categories were visible in the sampled framework manifests.

TMXProfiling.framework, TMXProfilingConnections.framework, required-reason API declarations, vendor-specific symbols.

Trust Assessment

Major fraud and identity risk vendor. Medium risk because the purpose is security, but the signal envelope is broad.

Technical Details

The profiling and connections frameworks are treated as a single dependency because one generates risk signals and the other transports them.

OpenTelemetry · Observability · Low Risk · Detected with high confidence
OpenTelemetryApi.framework

Open-source telemetry API used to instrument traces, metrics, and logs before they are sent to whichever backend the app configures.

Sensitive / PII Received

No inherent collection by itself; spans or metrics can carry PII if developers attach user-identifying attributes.

Confidence & Evidence

Named framework match and open-source package identity.

Privacy Manifest / Static Evidence

No inherent data-collection manifest requirement was visible for the sampled API-only framework.

OpenTelemetryApi.framework and package naming.

Trust Assessment

Widely used open-source observability standard. Operational risk depends on what the app records into telemetry attributes.

Technical Details

This finding is classified as infrastructure rather than a data broker or marketing SDK.

Rive Runtime · Rendering · Low Risk · Detected with high confidence
RiveRuntime.framework

Runtime for rendering interactive vector animations and animated UI states inside the app.

Sensitive / PII Received

No meaningful user or device data exposure indicated by the sampled framework evidence.

Confidence & Evidence

Named framework match and runtime resources.

Privacy Manifest / Static Evidence

The sampled manifest did not declare user data collection.

RiveRuntime.framework, Rive runtime resources, minimal privacy manifest declarations.

Trust Assessment

Low privacy risk rendering dependency.

Technical Details

Classified as a UI/runtime library rather than a data-handling SDK.

Hermes · JavaScript Runtime · Low Risk · Detected with high confidence
hermes.framework

JavaScript engine used to execute React Native code inside the iOS app.

Sensitive / PII Received

No direct data collection by the engine itself; any sensitive handling occurs in the app's JavaScript or native modules.

Confidence & Evidence

Named framework match and runtime bundle identifier.

Privacy Manifest / Static Evidence

No inherent user-data collection was indicated by the sampled runtime framework.

hermes.framework, Hermes bundle identifier, runtime version metadata.

Trust Assessment

Open-source runtime. Privacy risk belongs to code running on top of it, not the engine alone.

Technical Details

The framework indicates React Native usage in at least part of the application.

Risk Summary

SDK | Vendor | Risk | Confidence | Data Sent To
Amplitude Session Replay | Amplitude, Inc. | High | Detected with high confidence | Amplitude
GeoComply | GeoComply Solutions Inc. | High | Detected with high confidence | GeoComply
Incode Onboarding | Incode Technologies, Inc. | High | Detected with high confidence | Incode
Radar | Radar Labs, Inc. | High | Detected with high confidence | Radar
Amplitude Analytics / Engagement | Amplitude, Inc. | Medium | Detected with high confidence | Amplitude
HUMAN / PerimeterX | HUMAN Security | Medium | Detected with high confidence | HUMAN Security
Prove Mobile Auth | Prove Identity, Inc. | Medium | Detected with high confidence | Prove
Salesforce Service | Salesforce, Inc. | Medium | Detected with high confidence | Salesforce
ThreatMetrix | LexisNexis Risk Solutions | Medium | Detected with high confidence | LexisNexis Risk Solutions
OpenTelemetry | OpenTelemetry / CNCF | Low | Detected with high confidence | Configured observability backend
Rive Runtime | Rive | Low | Detected with high confidence | None indicated
Hermes | Meta Platforms, Inc. / React Native | Low | Detected with high confidence | None indicated

This is a redacted sample based on a real SDKAnalyzer iOS report. App-specific identifiers and customer-specific details have been removed or normalized. Purchased reports are human-reviewed and include evidence, confidence levels, limitations, and source links for the analyzed app package.