Apple’s new App Store guidelines put scammers and bounty hunters on notice

Here’s everything that just changed for App Review at WWDC

Illustration by William Joel / The Verge

Apple has just updated its App Store Guidelines, the document that tells iPhone and iPad developers what kind of behavior the company will tolerate and where it’s likely to reject apps or crack down after the fact — and as TechCrunch reports, many of today’s changes are aimed directly at scammers and fraudsters who prey on Apple users. But not all of them.

I just put the entire thing through a diff checker to show you exactly what’s changed. Check out all the differences here for yourself, or read on for the highlights.

Apple is warning fraudsters it’s coming for their entire accounts

Apple already had a section titled “5.6 Developer Code of Conduct” that warned devs not to “prey on users or attempt to rip off customers” among a laundry list of other bad behavior. Now, it also includes two clear warnings and a possibility of redemption:

Repeated manipulative or misleading behavior or other fraudulent conduct will lead to your removal from the Apple Developer Program.

Your Developer Program account will be terminated if you engage in activities or actions that are not in accordance with the Developer Code of Conduct. To restore your account, you may provide a written statement detailing the improvements you plan to make. If your plan is approved by Apple and we confirm the changes have been made, your account may be restored.

Apple will count slippery identities, fake reviews, negative reviews, and other warning signs against a developer’s standing

These three sections of the Developer Code of Conduct are brand-new:

5.6.2 Developer Identity

Providing verifiable information to Apple and customers is critical to customer trust. Your representation of yourself, your business, and your offerings on the App Store must be accurate. The information you provide must be truthful, relevant, and up-to-date so that Apple and customers understand who they are engaging with and can contact you regarding any issues.

5.6.3 Discovery Fraud

Participating in the App Store requires integrity and a commitment to building and maintaining customer trust. Manipulating any element of the App Store customer experience such as charts, search reviews, or referrals to your app erodes customer trust and is not permitted.

5.6.4 App Quality

Customers expect the highest quality from the App Store, and maintaining high quality content, services, and experiences promotes customer trust. Indications that this expectation is not being met include excessive customer reports about concerns with your app, such as negative customer reviews, and excessive refund requests. Inability to maintain high quality may be a factor in deciding whether a developer is abiding by the Developer Code of Conduct.

Misleading marketing is also not allowed, up to and including bait-and-switch pricing. These bolded parts of section 2.3.1 are new:

marketing your app in a misleading way, such as by promoting content or services that it does not actually offer (e.g. iOS-based virus and malware scanners) or promoting a false price, whether within or outside of the App Store, is grounds for removal of your app from the App Store and termination of your developer account.

All of this seems directly aimed at Apple’s scam problem, where the most profitable company in the world hasn’t managed to stop egregious scams that are so obvious you could easily find them yourself, and where The Washington Post found 2 percent of the company’s top grossing apps were fraudulent. But it’s unclear whether enforcement will improve alongside these new rules. TechCrunch apparently didn’t get an answer to that in its briefing with Apple.

Bounty hunter apps are on notice

Remember when Citizen’s CEO encouraged his users to hunt down an innocent person by offering a $30,000 reward? Apple’s new rule seems designed to tamp down on vigilante justice:

1.7 Reporting Criminal Activity

Apps for reporting alleged criminal activity must involve local law enforcement, and can only be offered in countries where such involvement is active.

Hookup apps are also on notice

I’m not sure which app made the headlines this time, but Apple’s tangled with this issue in the past.

1.1.4 Overtly sexual or pornographic material, defined by Webster’s Dictionary as “explicit descriptions or displays of sexual organs or activities intended to stimulate erotic rather than aesthetic or emotional feelings.” This includes “hookup” apps that may include pornography or be used to facilitate prostitution.

Legal weed is OK, but it’s gotta be legal

Weed apps have been touch-and-go on iPhone for many years, and not for lack of rules. This is more about letting developers know that a certain narrowly defined category is allowed.

(ix) Apps that provide services in highly-regulated fields (such as banking and financial services, healthcare, gambling, legal cannabis use, and air travel) or that require sensitive user information should be submitted by a legal entity that provides the services, and not by an individual developer. Apps that facilitate the legal sale of cannabis must be geo-restricted to the corresponding legal jurisdiction.

You don’t need to give Apple a cut of physical gift card sales

Apple said it doesn’t take a cut of physical purchases. Were physical gift cards an exception? Either way, you don’t have to pay now.

Digital gift cards, certificates, vouchers, and coupons which can be redeemed for digital goods or services can only be sold in your app using in-app purchase. Physical gift cards that are sold within an app and then mailed to customers may use payment methods other than in-app purchase.

Apple’s most arbitrary rules aren’t gone, but tamped down

Of all the rules in the App Store, the “don’t include irrelevant information” one is probably the easiest to abuse; developers like ProtonMail have told us it’s used to justify removing an app when there aren’t any actually relevant rules. It also irks developers who believe they should be able to tell their users about the hoops they have to jump through to get into the store. It’s not gone, but it’s shorter now:

2.3.10 Make sure your app is focused on the iOS, iPadOS, macOS, tvOS or watchOS experience, and don’t include names, icons, or imagery of other mobile platforms in your app or metadata, unless there is specific, approved interactive functionality. Make sure your app metadata is focused on the app itself and its experience. Don’t include irrelevant information, including but not limited to information about Apple or the development process.

Also, Apple’s clearer now that — with certain kinds of apps, and outside the app itself, and only if you get their contact info elsewhere somehow — developers actually can tell their users that they can pay outside of Apple’s store:

Developers cannot use information obtained within the app to target individual users outside of the app to use purchasing methods other than in-app purchase (such as sending an individual user an email about other purchasing methods after that individual signs up for an account within the app). Developers can send communications outside of the app to their user base about purchasing methods other than in-app purchase.

That doesn’t fix the company’s anti-steering rules in the least, which came up prominently during the Epic-Apple trial, but it does make edge cases clearer.

Apple wants apps to let users be free

5.1.1 (v) Account Sign-In: If your app doesn’t include significant account-based features, let people use it without a login. If your app supports account creation, you must also offer account deletion within the app.

Neat.

Oh, and Roblox is still totally not a game

This section is all-new:

1.2.1 Creator Content

Apps which feature content from a specific community of users called “creators” are a great opportunity if properly moderated. These apps present a singular, unified experience for customers to interact with various kinds of creator content. They offer tools and programs to help this community of non-developer creators to author, share, and monetize user-generated experiences. These experiences must not change the core features and functionality of the native app—rather, they add content to those structured experiences. These experiences are not native “apps” coded by developers—they are content within the app itself and are treated as user-generated content by App Review. Such creator content may include video, articles, audio, and even casual games. The App Store supports apps offering such user-generated content so long as they follow all Guidelines, including Guideline 1.2 for moderating user-generated content and Guideline 3.1.1 for payments and in-app purchases. Creator apps should share the age rating of the highest age-rated creator content available in the app, and communicate to users which content requires additional purchases.

If you’re wondering what Apple is on about here, here’s the TL;DR:

Apple doesn’t want to allow cloud gaming services like Stadia and xCloud into the App Store, so it told everyone each game in a collection of games had to be individually approved — even though that rule didn’t exist until Apple retroactively added it. Then everyone pointed out Roblox is a collection of games that weren’t individually approved, LOL. Apple argued at trial that Roblox isn’t a game, and Roblox amusingly agreed. Now Apple is carving out a brand new category of “Creator Content” to cement why Roblox is OK, while other game platforms that contain multitudes are not. Simple!