After upgrading to macOS Catalina I figured it would be a good time to audit my iCloud keychain. It's been over five years since it was added by iOS 7 so there has to be a ton of junk in it.
A number of entries were really easy to delete because they mentioned apps or games I hadn't played in years but others weren't so obvious. One of the more bizarre one was "__iokstg__". There were three seperate entires of it, one from each of the last three years. I googled it and it turned out to be one of those cursed queries that has nothing but garbage results.
Using the macOS "Keychain Access" program I right clicked on one of the "__iokstg__" entries and selected the "Get Info" menu item. This brings up a little window with two tabs, "Attributes" and "Access Control". The "Attributes" tab is generally pretty worthless because it usually has the same information you can see on the main "Keychain Access" window. The "Access Control" tab though is much more useful because it shows you the bundle identifiers of the apps that are accessing the item. When I saw what apps were responsible for the creation of these entries it finally made sense only because I was responsible for building one of the apps!
These "__iokstg__" entries in your iCloud keychain are caused by a company called iovation. They are one of those trash companies that sells an SDK which allows developers to fingerprint devices so you can track users across installs. iovation says this is for "fraud purposes" but this sort of information could easily be used for serving up advertisments. Regardless, I am shocked that Apple still allows apps with this SDK because I thought this level of tracking was against the Apple Developer Terms and Conditions.
Hopefully this article gets picked up by Google so the next time someone searches for "__iokstg__" they won't be left in the dark like I was.