How did Uber fingerprint iPhones to identify them even after the Uber app was deleted?

Question

In 2015 Uber was fingerprinting iPhones to reduce fraud in China.

What methods were they using to do this? Was it as simple as recording the serial number in a database? Were they using private methods?

From the NYT article: "To halt the activity, Uber engineers assigned a persistent identity to iPhones with a small piece of code, a practice called “fingerprinting.” Uber could then identify an iPhone and prevent itself from being fooled even after the device was erased of its contents.

There was one problem: Fingerprinting iPhones broke Apple’s rules. Mr. Cook believed that wiping an iPhone should ensure that no trace of the owner’s identity remained on the device.

So Mr. Kalanick told his engineers to “geofence” Apple’s headquarters in Cupertino, Calif., a way to digitally identify people reviewing Uber’s software in a specific location. Uber would then obfuscate its code for people within that geofenced area, essentially drawing a digital lasso around those it wanted to keep in the dark. Apple employees at its headquarters were unable to see Uber’s fingerprinting."

Answer 1

Found more info and a potential method on this article.

Will Strafach examined a 2014 build of the Uber iOS app and found them using private APIs to use IOKit to pull the device serial number from the device registry.

https://twitter.com/chronic/status/856250223777206273

There might be more, but this alone is a blatant violation of App Store policy. Strafach confirms that the technique Uber was using no longer works in iOS 10.]

Github project here - https://github.com/erica/uidevice-extension/blob/7adc1d13946fca6fcb4b5f0b6e45911ab4a9a671/UIDevice-IOKitExtensions.m