Apple’s new App Store guidelines warn scammers and bounty hunters


Apple just updated the App Store Guidelinesd, the document that tells iPhone and iPa that tells iPhone and iPad developers what kind of behavior the company will tolerate and where it is likely to refuse apps or act after the fact — and as TechCrunch reportsMany of today’s changes are aimed directly at scammers and fraudsters who prey on Apple users. But not all.

I ran the whole thing through a diff checker to show you exactly what has changed. View all differences here for yourself, or read on for the highlights.

Apple warns fraudsters it’s coming for their entire accounts

Apple already had a section titled “5.6 Developer Code of Conduct” that warned developers not to “hunt users or rob customers” among a laundry list of other bad behavior. Now it also contains two clear warnings and an opportunity for redemption:

Repeated manipulative, deceptive or other fraudulent behavior will result in your removal from the Apple Developer Program.

Your Developer Program account will be terminated if you engage in activities or actions inconsistent with the Developer Code of Conduct. To restore your account, you can provide a written statement describing the improvements you want to make. If your subscription has been approved by Apple and we confirm the changes have been made, your account is recoverable.

Apple counts slippery identities, fake reviews, negative reviews and other warning signs against a developer’s reputation

These three sections of the Developer Code of Conduct are brand new:

5.6.2 Developer Identity Developer

Providing verifiable information to Apple and customers is critical to customer trust. Your representation of yourself, your business, and your App Store offerings must be accurate. The information you provide must be truthful, relevant and up-to-date so that Apple and customers understand who they are contacting and can contact you with any concerns.

5.6.3 Discovery fraud

Participation in the App Store requires integrity and commitment to build and maintain customer trust. Manipulating any element of the App Store customer experience, such as charts, search reviews, or references to your app, violates customer trust and is not allowed.

5.6.4 App quality

Customers expect the highest quality from the App Store, and maintaining high-quality content, services, and experiences builds customer trust. Indications that this expectation is not being met include excessive customer notifications about problems with your app, such as negative customer reviews, and excessive refund requests. Failure to maintain high quality can be a factor in a developer’s decision to adhere to the Developer Code of Conduct.

Misleading marketing is also not allowed, up to and including bait-and-switch pricing. These bold parts of section 2.3.1 are new:

market your app in a misleading way, for example by advertising content or services it doesn’t actually offer (e.g. iOS-based virus and malware scanners) or promoting a false price, both inside and outside the App Store, is grounds for removing your app from the App Store and termination of your developer account.

All of this seems to be aimed directly at Apple’s scam problem, where the most profitable company in the world has failed to stop gross scams that are so obvious that you could easily find them yourself, and where The Washington Post found that 2 percent of the company’s most profitable apps were fraudulent. But it’s unclear whether enforcement will improve along with these new rules. TechCrunch apparently didn’t get an answer to that in his briefing with Apple.

Bounty hunter apps are aware

Remember when Citizen’s CEO encouraged his users to track down an innocent person by offering a $30,000 reward? Apple’s new rule appears to target vigilantes:

1.7 Reporting Criminal Activity

Apps for reporting suspected criminal activity must involve local law enforcement and may only be offered in countries where such involvement is active.

Hookup apps are also aware

I’m not sure which app made headlines this time around, but Apple has been involved with this issue in the past.

1.1.4 Overtly sexual or pornographic material, defined by Webster’s Dictionary as “explicit descriptions or depictions of sexual organs or activities intended to stimulate erotic rather than aesthetic or emotional feelings.” This includes “hookup” apps that may contain pornography or are used to facilitate prostitution.

Legal weed is okay, but it has to be legal

Weed apps have been popular on the iPhone for years, and not because of a lack of rules. This is more about letting developers know that a certain narrowly defined category is allowed.

(ix) Apps that provide services in highly regulated areas (such as banking and financial services, healthcare, gambling, legal cannabis use, and air travel) or that require sensitive user information must be submitted by a legal entity providing the services, not an individual developer. Apps that facilitate the legal sale of cannabis must be geographically limited to the corresponding legal jurisdiction.

You don’t have to give Apple a discount on the sale of physical gift cards

Apple said there is no need to make physical purchases. Were physical gift cards an exception? Anyway, you don’t have to pay now.

Digital Gift cards, certificates, vouchers, and coupons that can be redeemed for digital goods or services can only be sold in your app through in-app purchases. Physical gift cards sold within an app and then emailed to customers can use payment methods other than in-app purchases.

Apple’s most arbitrary rules haven’t disappeared, they’ve been toned down

Of all the rules in the App Store, the “don’t add irrelevant information” is probably the easiest to abuse; developers like ProtonMail have told us it’s used to justify removing an app when there aren’t actually any relevant rules. It also annoys developers who think they need to be able to tell their users about the hoops they have to jump through to get into the store. It’s not gone, but it’s shorter now:

2.3.10 Make sure your app is targeting the iOS, iPadOS, macOS, tvOS or watchOS experience and do not include names, icons or images from other mobile platforms in your app or metadata unless there is specific, approved interactive functionality. Make sure your app metadata is focused on the app itself and its experience. Do not add irrelevant information, including but not limited to information about Apple or the development process.

Also, Apple is now more clear that — with certain types of apps, and outside of the app itself, and only if you somehow get their contact information from somewhere else — developers actually can tell their users they can pay outside the Apple Store:

Developers cannot use information obtained within the app to target individual users outside the app to use purchase methods other than in-app purchases (such as emailing an individual user about other purchase methods after that person has signed up for an account within the app). Developers can send messages to their users outside the app about purchasing methods other than in-app purchases.

That doesn’t solve the company’s anti-steering rules in the least, which came out prominently during the Epic-Apple trial, but it does make edge cases clearer.

Apple wants apps to let users be free

5.1.1 (v) Account Login: If your app doesn’t include important account-based features, let people use it without logging in. If your app supports account creation, you must also offer account deletion within the app.


Oh, and Roblox is still not a game at all

This section is all new:

1.2.1 Creator Content

Apps with content from a specific user community called “creators” are a great opportunity if properly moderated. These apps provide a unique, unified experience for customers to interact with different types of creator content. They provide tools and programs to help this community of non-developers write, share, and monetize user-generated experiences. These experiences shouldn’t change the core features and functionality of the native app, but they add content to those structured experiences. These experiences are not native “apps” coded by developers – they are content within the app itself and are treated by App Review as user-generated content. Such creator content may include video, articles, audio, and even casual games. The App Store supports apps that provide such user-generated content as long as they comply with all guidelines, including Guideline 1.2 for moderating user-generated content and Guideline 3.1.1 for payments and in-app purchases. Creator apps must share the age-rated content for creators with the highest age-rated content available in the app, and communicate to users which content requires additional purchases.

If you’re wondering what Apple is talking about here, here’s the TL;DR:

Apple doesn’t want to allow cloud gaming services like Stadia and xCloud in the App Store, so it told everyone that each game in a collection of games had to be approved individually — even though that rule didn’t exist until Apple retroactively added it. Then everyone pointed out that Roblox is a collection of games that are not individually approved, LOL. Apple argued at trial that Roblox is not a game, and Roblox amusingly agreed. Now Apple is now creating a whole new category of “Creator Content” to confirm why Roblox is OK, while other gaming platforms that contain masses are not.