Apple is releasing a new version of its App Store Review Guidelines today, the lengthy document that sets out the rules apps must follow in order to be published on the App Store. Among the more notable changes taking place today are several sections that will see Apple take a tougher stance on App Store fraud, scams and developer misconduct, including a new process that aims to empower other developers to hold bad actors accountable.
A major update on this front includes changes to Apple’s code of developer conduct (sections 5.6 and 5.6.1-5.6.4 of the Review Guidelines).
This section has been significantly expanded to include guidance stating that repeated manipulative or deceptive behavior or other fraudulent conduct will result in the developer being removed from the Apple Developer Program. This is something that Apple has repeatedly violated, it claims, but it now wanted to make sure this was clearly spelled out in the guidelines.
In an entirely new third paragraph in this section, Apple states that if a developer engages in activities or actions that are not in accordance with the Developer Code of Conduct, their Apple Developer Account will be terminated.
It also details what, in particular, must be done to restore the account, including providing Apple with a written statement detailing the improvements they have made, which will need to be approved by Apple. If Apple is able to confirm that the changes have been made, it can restore the developer’s account.
Apple explained in a press briefing that the change was to prevent a type of catch-and-release scenario where a developer gets caught by Apple but later reverts their changes to continue with their bad behavior.
As part of this update, Apple added a new section about developer identities (5.6. This is to ensure that the contact information for developers provided to Apple and customers is accurate and functional, and that the developer is not impersonating other, legitimate developers on the App Store. This was a particular issue in a high-profile incident of App Store fraud involving a crypto wallet app that locked a user out of his life savings (~$600,000) in bitcoin. The scam victim was duped because the app was using the same name and icon as a different company that made the hardware crypto device, and because the scam app was rated 5 stars. (Illegally, that is).
Related to this, Apple clarified the language surrounding App Store discovery fraud (5.6.3) to more specifically call out any form of manipulation of App Store charts, searches, reviews, and referrals. The former would mean cracking down on an apparently booming industry of fake app store ratings and reviews, which could send scam apps up in the charts and searches.
In the meantime, the referral crackdown will address consumers being shown inaccurate pricing outside the App Store in an effort to promote installs.
Another section (5.6.4) addresses problems that may arise after an app is published, including negative customer reports and concerns and exorbitant refund rates, for example. If Apple notices this behavior, it will investigate the app for violations, it says.
Of course, the question here is: Will Apple really notice potential scammers? In recent months, a growing number of developers believe that Apple is letting too many scammers fall through the cracks of app reviews.
A particular thorn in Apple’s side has been Flexi Keyboard app founder Kosta Eleftheriou, who is suing Apple not only for the revenue he personally lost to scammers, but for exposing some of the more egregious scams. A one-man bunko squad was also created for the date. This includes the above-mentioned crypto scam; a children’s game that actually contained a hidden online casino; and a VPN app that is duping users out of $5 million per year, among many others.
The rampant fraud taking place on the App Store was also brought up during Apple’s antitrust hearing, when Senator Jon Ossoff of Georgia asked Apple’s Chief Compliance Officer Kyle Andeer why Apple has not been able to detect scams, given that they are “trivially easy” to identify.
Apple then downplayed the concerns, and continued to do so through press releases like this one detailing how the App Store intercepted more than $1.5 billion in fraudulent transactions in 2020.
But a new update to these guidelines appears to be an acknowledgment that Apple may need a little help on this front. It added that developers can now directly report potential breaches found in other developers’ apps. Through a new form that standardizes these types of complaints, developers can point out violations of the guidelines and any other trust and security issues they discover. Often, developers notice scammers whose apps are affecting their own business and revenue, so they will likely turn to this form as a first step in dealing with scammers.
Another change would allow developers to appeal a disapproval if they felt there was any sort of unfair treatment, including political bias. Previously, Apple allowed developers to appeal against App Store decisions and suggest changes to the guidelines.
Apple told us that it has 500 app reviewers covering 81 languages who see new scenarios daily that need to be included in updated guidelines and policies. Apple says it takes what it learns from these individual issues to invest in its systems, algorithms and training so that it can prevent similar issues in the future. The company believes the new Code of Conduct rules, in particular, will give the necessary tools to better crack down on App Store fraud.
Rules about scams are just a few of the many changes going on with today’s updated App Store review guidelines.
However, there are a few others worth highlighting as well:
- Apple clarified the rules around “hookup” apps to ensure that developers understand that porn and prostitution are not allowed on the App Store, an issue that often arises with fly-by-night hookup apps that bait and switch users.
- Creator content apps are instructed to comply with the rules for user-generated content when applicable, which means they must have content blocking, reporting, and strong moderation.
- Apple added that licensed pharmacies and licensed cannabis dispensaries can facilitate purchases, provided they are legal and geo-gated.
- Apps that report criminal activity require developers to work with local law enforcement. (Citizen is a recent example of an app where users fell victim to the wrong person. That level of carelessness is now coming to an end.)
- Ads for bait-and-switch marketing and app pricing are not allowed.
- Cellular carrier apps can now include other types of subscription apps in addition to music and video services.
- Apple clarifies that developers can communicate with anyone over email, but says they cannot target customers received through the App Store with messages about how to make purchases outside the App Store.
- Apple has enough drinking game apps. Stop sending them in.
- Apps that offer account creation must also offer account deletion.
- Other clarifications were added around in-app purchases for gift cards, app metadata, bug fix submissions, and more. But these were not big changes.