http://www.digitaljournal.com/technology/google-helping-app-developers-bypass-ios-9-ad-encryption/article/442517

Google tells app developers to bypass Apple's secure new ad tech

Posted Aug 31, 2015 by James Walker
Apple is making some changes with iOS 9 that could make it harder to display some types of advert and may break existing ones. Google, one of the largest ad providers, isn't happy and has issued guidance to help developers get around the system.
Screen of Apple s iOS 9
Screen of Apple's iOS 9
Apple WWDC live keynote via The Verge
The dispute lies with the App Transport Security (ATS) feature of iOS 9. Built right into the new mobile operating system, ATS enforces a set of policies designed to prevent ad providers from tracking what iOS users do on their devices.
ATS is based around the secure HTTPS Internet protocol which cannot be tampered with. It examines all content that arrives on the phone and demands that it uses HTTPS. Many non-secure in-app adverts based around HTTP are likely to stop working when this change is introduced.
This hasn't pleased rival Google. Its AdMob revenue platform is one of the key in-app advertising providers so it could lose out when ATS is introduced. To help developers continue to show the money-making adverts they need, Google has published a blog post that outlines a way for them to avoid using ATS on iOS.
ITProPortal reports that Google quickly attracted negative comments from people keen to point out that Apple is trying to protect consumer privacy and that adverts would be more secure if they did use HTTPS. The company responded to say that it is itself a key advocate of the secure technology and that all new iOS apps should be designed with ATS in mind.
The post does state that the method used to circumvent the protection — by adding an exception that forces the device to download HTTP ads anyway — is only recommended as a "short term fix." Google writes: "We recommend using HTTPS exclusively if you're developing a new app. If you're working on an existing app, we suggest using HTTPS as much as possible and creating a plan to migrate the rest of your app towards ATS compliance."
It adds that the decision to write the blog post was made because "there isn't always full compliance on third party ad networks and custom creative code served via our systems." Google says that it "remains committed to industry-wide adoption of HTTPS" although some may argue that it has just slowed that adoption down by widely publishing details of a method that allows developers to avoid using a privacy-protecting new technology.