Hey, i have this question and it'll be great if i get an answer. I noticed this behavior in multiple apps and games downloaded from google play (downloaded for the first time on my device, never used them before!!!!! ).
Yesterday i was bored, i installed a game (beach buggy racing 2),applied restrictions and opened it. When i opened it, i saw that the data inside the app doesn't belong to me at all(first time i play this game), i saw that i have 800k coins and gems and most of the things unlocked.
Same thing for a vpn app i used before, after applying restrictions, i opened it and found out that i got premium (also used for the first time).
Today i installed a game(shadow fighter 3) , same thing happened, got some cash and progress that doesn't belong to me.
A card game I once downloaded, after applying restrictions i opened the app, same thing happened. But this was the weirdest one bcz this game had chatting system where people can send and receive messages..., believe when i say that this was definitely someone's profile,it's like I'm using his profile, i saw the messages he sent and the chat with his friends, he was lvl 34 i think.
Happened with some other apps
So, is this caused bcz of faking the device id? Is it normal also?
The device id (or anything that XPL restricts) is not something that any normal app should use for user authentication.