Currently I'm working on an App which geolocation capabilities are its most important feature. Actually we're very concerned about getting GPS values mocked up. I've read a lot of comments regarding mocking locations on both iOS and Android and most of them tend to explain an unjailbroken iOS device can't mock locations, but the truth is I've created another project, with a GPX file to mock up location on that project and when executed, the entire system believes I'm in another city. All my locationManager callbacks tell me I'm on the mocked location with the proper timestamp, faking the entire information like it was real. That breaks entirely the purpose of our App, as the user can fake where has been.
Is there any way to detect this behaviour and prevent it? I'm assuming a closed target, the attacker must be a developer in order to this exploit to work, but alas, it's still there