June 08, 2017
New rules following WWDC 2017
After a densely packed WWDC keynote with many new features for developers and users, Apple also published a new version of the App Store Review Guidelines. There are many changes, ranging from minor rephrasings to totally new rules.
A few notable changes and additions that caught my eye:
- New note on how to respond to App Store customer reviews.
- Note saying developers must now use the provided API to prompt users for reviews rather than link to the App Store page from a custom prompt.
- App names can now only be 30 characters long. Previously this limit was 50 characters. There is a new subtitle feature in iTunes Connect that we should use instead of long descriptive titles.
- Apps that provide a programming interface may now (in some cases) download and run code from the Internet.
- Clarifications regarding IAP and other purchasing methods for “reader” apps.
- Binary options trading apps are no longer allowed.
- Apps created from a commercialized template or app generation service will be rejected.
- Your app description should let people know what types of access (e.g. location, contacts, calendar, etc.) are requested by your app, and what aspects of the app won’t work if the user doesn’t grant permission.
All the changes are listed below. Additions have green highlight and deletions have red highlight and strikeout.
Before you submit
- The App Store is a great way to reach hundreds of millions of people around the world. If you build an app that you just want to show to family and friends, the App Store isn’t the best way to do that. Consider Ad Hoc distribution or the Enterprise Program. If you’re just getting started, learn more about the Apple Developer Program.
- If your app looks like it was cobbled together in a few days, or you're trying to get your first practice app into the store to impress your friends, please brace yourself for rejection. We have lots of serious developers who don't want their quality apps to be surrounded by amateur hour.
We will reject apps for any content or behavior that we believe is over the line. What line, you ask? Well, as a Supreme Court Justice once said, "I'll know it when I see it". And we think that you will also know it when you cross it.
If you attempt to cheat the system (for example, by trying to trick the review process, steal user data, copy another developer's work, or manipulate ratings) your apps will be removed from the store and you will be expelled from the Developer Program.
To help your app approval go as smoothly as possible, review the common missteps listed below that can slow the review process or trigger a rejection. This doesn’t replace the guidelines or guarantee approval, but making sure you can check every item on the list is a good start. If your app no longer functions as intended or you’re no longer actively supporting it, it will be removed from the App Store. Learn More about App Store Improvements.
1.1 Objectionable Content
1.4 Physical Harm
- 1.1.7 App Store Reviews:
- App Store customer reviews can be an integral part of the app experience, so you should treat customers with respect when responding to their comments. Keep your responses targeted to the user’s comments and do not include personal information, spam, or marketing in your response.
- Use the provided API to prompt users to review your app; this functionality allows customers to provide an App Store rating and review without the inconvenience of leaving your app, and we will disallow custom review prompts.
If your app behaves in a way that risks physical harm, we may reject it. For example:
2.3 Accurate Metadata
- 1.4.1 Medical apps that could provide inaccurate data or information, or that could be used for diagnosing or treating patients may be reviewed with greater scrutiny. If your medical app has received regulatory clearance, please submit a link to that documentation with your app.
- Apps must clearly disclose data and methodology to support accuracy claims relating to health measurements, and if the level of accuracy or methodology cannot be validated, we will reject your app. For example, apps that claim to take x-rays, measure blood pressure, body temperature, blood glucose levels, or blood oxygen levels using only the sensors on the device are not permitted.
- Apps should remind users to check with a doctor in addition to using the app and before making medical decisions.
- 1.4.3 Apps should notthat
encourage consumption of tobacco products, illegal or excessive consumption of drugs or alcohol; or encourage minors to consume
drugs, or excessive amounts of alcohol are not permitted on the App Store. Apps that encourage minors to consume any of these substances will be rejected. Facilitating the sale of marijuana,
or tobacco; and facilitating the sale of marijuana, or controlled substances (except for licensed pharmacies)
- 1.4.5 Apps should not urge customers to use their devices in a way that contradicts safety documentation for Apple hardware, risking damage to the device or physical harm to people. For example, apps should not encourage placing the device under a mattress or pillow while charging or perform excessive write cycles to the solid state drive. Review device documentation.
2.5 Software Requirements
- 2.3.2 If your app includes in-app purchases, make sure your app description, screenshots, and previews clearly indicate whether any featured items, levels, subscriptions, etc. require additional purchases. If you decide to promote in-app purchases on the App Store, ensure that the IAP Display Name and Description are written for a public audience and that your app properly handles the Purchase Intent API so that customers can seamlessly complete the purchase when your app launches.
- 2.3.3 Screenshots should show the app in use, and not merely the title art, log-in page, or splash screen. They may also include text overlays and show extended functionality on device, such as Touch Bar.
- 2.3.7 Choose a unique app name, assign keywords that accurately describe your app, and don’t try to pack any of your metadata with trademarked terms, popular app names, or other irrelevant phrases just to game the system. App names must be limited to ~~50~~ 30 characters and should not include prices, terms, or descriptions that are not the name of the app. App subtitles are a great way to provide additional context for your app; they must follow our standard metadata rules and should not include inappropriate content, reference other apps, or make unverifiable product claims. Apple may modify inappropriate keywords at any time.
- 2.3.8 Metadata should be appropriate for all audiences, so make sure your app and in-app purchase icons, screenshots, and previews adhere to a 4+ age rating even if your app is rated higher. For example, if your app is a game that includes violence, select images that don’t depict a gruesome death or a gun pointed at a specific character. Use of terms like “For Kids” and “For Children” in app names is reserved for the Kids Category. Remember to ensure your metadata, including app name and icons (small, large, Apple Watch app, etc.), are similar to avoid creating confusion.
- 2.5.1 Apps may only use public APIs and must run on the currently shipping OS. Learn more about public APIs. Keep your apps up-to-date and make sure you phase out any deprecated features, frameworks or technologies that will no longer be supported in future versions of an OS.
- 2.5.2 Apps should be self-contained in their bundles, and may not read or write data outside the designated container area, nor may they download, install, or execute code, including other iOS, watchOS, macOS, or tvOS apps. Apps designed to teach, develop, or test executable code may, in limited circumstances, download code provided that such code is not used for other purposes. Such apps must make the source code provided by the Application completely viewable and editable by the user.
- 2.5.9 Apps that alter or disable the functions of standard switches, such as the Volume Up/Down and Ring/Silent switches, or other native user interface elements or behaviors will be rejected. For example, apps should not block links out to other apps or other features that users would expect to work a certain way. Learn more about proper handling of links.
- 2.5.11 SiriKit
- (ii) Ensure that the vocabulary and phrases in your plist pertains to your app and the SiriKit functionality of the intents the app has registered for. Aliases must relate directly to your app or company name and should not be generic terms or include third party app names or services.
- 2.5.12 Apps using CallKit or including an SMS Fraud Extension should only block phone numbers that are confirmed spam. Apps that include call-, SMS-, and MMS- blocking functionality or spam identification must clearly identify these features in their marketing text and explain the criteria for their blocked and spam lists. You may not use the data accessed via these tools for any purpose not directly related to operating or improving your app or extension (e.g. you may not use, share, or sell it for tracking purposes, creating user profiles, etc.)
3.2 Other Business Model Issues
- 3.1.1 In-App Purchase:
- If you want to unlock features or functionality within your app, (by way of example: subscriptions, in-game currencies, game levels, access to premium content, or unlocking a full version), you must use in-app purchase. Apps may use in-app purchase currencies to enable customers to “tip” digital content providers in the app. Apps may not include buttons, external links, or other calls to action that direct customers to purchasing mechanisms other than IAP.
- Any credits or in-game currencies purchased via IAP must be consumed within the app and may not expire, and you should make sure you have a restore mechanism for any restorable
- 3.1.2(a) Permissible uses: If you offer an auto-renewing subscription, you must provide ongoing value to the customer, and the subscription period must last at least seven days and be available across all of the user’s devices.
- 3.1.3 Content-based “Reader” Apps: Apps may allow a user to access previously purchased content or content subscriptions (specifically: magazines, newspapers, books, audio, music, video, access to professional databases, VoIP, cloud storage, and approved services such as educational apps that manage student grades and schedules), as well as consumable items in multi-platform games, provided
the app doesthat you agree not directto directly or indirectly target iOS users to use a purchasing mechanismmethod other than IAP, and your general communications about other purchasing methods are not designed to discourage use of
4.2 Minimum Functionality
- 3.2.1 Acceptable
- (vi) Approved nonprofits may fundraise directly within their own apps
usingor third-party apps, provided those fundraising campaigns adhere to all App Review Guidelines and offer
Apple Pay, provided those fundraising campaigns adhere to all App Review Guidelines support. These apps must disclose how the funds will be
used, abide by all required local and federal laws, and makeensure appropriate tax receipts are available to donors. Additional information shall be provided to App Review upon request. Nonprofit
platforms that connect donors to other nonprofits must ensure that every nonprofit
listed in the app has also gone through the nonprofit approval process. Learn more about
becoming an approved
- 3.2.2 Unacceptable
- (iv) Unless you are an approved nonprofit or otherwise permitted under Section 3.2.1 (vi) above, collecting funds within the app for charities and fundraisers. Apps that seek to raise money for such causes must be free on the App Store and may only collect funds outside of the app, such as via Safari or SMS.
- (vi) Apps should allow a user to get what they’ve paid for without performing additional tasks, such as posting on social media, uploading contacts, checking in to the app a certain number of times, etc. Apps should not ~~force~~ require users to rate the app, review the app, watch videos, download other apps, tap on advertisements, or take other similar actions in order to access functionality, content, or use of the app, or receive monetary or other compensation.
- (vii) Artificially manipulating a user’s visibility, status, or rank on other services unless permitted by that service’s Terms and Conditions
- (viii) Apps that facilitate binary options trading are not permitted on the App Store. Consider a web app instead.
- 4.2.2 Other than catalogs, which have a dedicated category, apps shouldn’t primarily be marketing materials, advertisements, web clippings, content aggregators, or a collection of links.
- 4.2.6 Apps created from a commercialized template or app generation service will be rejected.
4.5 Apple Sites and Services
- 4.4.1 Keyboard extensions have some additional rules.
- Follow Sticker guidelines if the keyboard includes images or emojis
- Remain functional without full network access and without requiring full
4.6 Alternate App Icons
- 4.5.2 The Apple Music API lets
- (i) The MusicKit APIs let
customers access their subscription while using your app. They are intended for simple music playback by Apple Music subscribers. Users
must initiate the playback of an Apple Music stream and be
able to navigate playback using standard media controls such
as “play,” “pause,” and “skip;.” apps may not automate these actions. Moreover, your app
may not require payment or indirectly monetize access to the Apple Music service (e.g.
in-app purchase, advertising, requesting user info, etc.). Do not download, upload, or enable sharing of music files sourced from the MusicKit APIs, except as explicitly permitted in MusicKit documentation.
- (ii) Using the MusicKit APIs is not a replacement for securing the licenses you might need for a deeper or more complex music integration. For example, if you want your app to play a specific song at a particular moment, or to create audio or video files that can be shared to social media, you’ll need to contact rights-holders directly to get their permission (e.g. synchronization or adaptation rights) and assets. Cover art and other metadata may only be used in connection with music playback or playlists (including App Store screenshots displaying your app’s functionality), and should not be used in any marketing or advertising without getting specific authorization from rights-holders. Make sure to follow the Apple Music Identity Guidelines when integrating Apple Music services in your app.
- (iii) Apps that access Apple Music user data, such as playlists and favorites, must clearly disclose this access in the purpose string. Any data collected may not be shared with third parties for any purpose other than supporting or improving the app experience. This data may not be used to identify users or devices, or to target advertising.
Apps may display customized icons, for example, to reflect a sports team preference, provided that each change is initiated by the user and the app includes settings to revert to the original icon. All icon variants must relate to the content of the app and changes should be consistent across all system assets, so that the icons displayed in Settings, Notifications, etc. match the new springboard icon. This feature may not be used for dynamic, automatic, or serial changes, such as to reflect up-to-date weather information, calendar notifications, etc.
4.7 Third-Party Software
5.2 Intellectual Property
- 5.1.1 Data Collection and
secure user consent for the collection. This includes—but isn’t limited to—apps that implement HealthKit or other health/medical technologies, HomeKit, Keyboard extensions, Apple Pay, Stickers and iMessage extensions, include a login, or access user data from the device. Your app description should let people know what types of access (e.g. location, contacts, calendar, etc.) are requested by your app, and what aspects of the app won’t work if the user doesn’t grant permission.
- 5.1.2 Data Use and Sharing
- (i) Apps cannotYou may not attempt, facilitate, or encourage others to identify users or reconstruct user profiles based on data that you say has been collected in an “anonymized,” “aggregated,” or otherwise non-identifiable way. You may not
use or transmit someone’s personal data without first obtaining their permission and
providing access to information about how and where the data will be used.
- 5.2.1 Generally: Don’t use protected third party material such as trademarks, copyrighted works, or patented ideas in your app without permission, and don’t include misleading, false, or copycat representations, names, or metadata in your app bundle or developer name. Apps should be submitted by the person or legal entity that owns or has licensed the intellectual property and other relevant rights and is responsible for offering any services provided by the app.
- 5.2.5 Apple Products: Don’t create an app that appears confusingly similar to an existing Apple product, interface (e.g. Finder), app (such as the App Store, iTunes Store, or Messages) or advertising theme, and don’t misspell Apple product names (i.e., GPS for Iphone, iTunz). Apps and extensions, including third party keyboards and Sticker packs, may not include Apple emoji. iTunes music previews may not be used for their entertainment value (e.g. as the background music to a photo collage or the soundtrack to a game) or in any other unauthorized manner. If your app displays Activity rings, do not modify the look and feel of the rings themselves or the data they represent. The Human Interface Guidelines have more information on how to use Activity rings.