Second, Apple introduced two developer models. The first is that personal apps can only be published in the APP Store, and the second is that enterprise apps can be installed without downloading directly from the APP Store. On the enterprise level, Apple's original intention is to develop an OA system APP for enterprises, such as thousands of people in the company group. Because it is related to company secrets, it is a solution to install the APP without putting it on the shelf.
Third, the enterprise-level APP has not been officially tested by Apple, which means that there may be a potential back door. The standards for putting on the APP Store are very strict. You can't use private api, callkit, etc. And enterprises can completely ignore these problems. These apps may upload your mobile phone number, your address book, and even your photos or personal information without your knowledge. Unless it is a company trusted by the subject, don't use the enterprise-level APP easily. Even if you use the enterprise level, don't give the APP permission easily, let alone open the APP! The double opening of WeChat is a classic example. Each APP has a unique identifier (binding id) on the mobile phone, and Apple is not allowed to save apps with the same bid, which is why WeChat cannot install two. Hackers get the package of WeChat (ipa), regenerate Appid and Provisioning Profile with enterprise account, and then re-sign it with signature tool. At this time, the bid is different. Your mobile phone has two Wechat messages. Re-signing is just a good thing. We don't know if there is a back door in the program.