Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
May 24, 2022 05:35 pm GMT

Appstore submission: Does your app use encryption? How to determine if your app contain encryption?

We usually see this question from Apple while preparing our app for Appstore submission. From my own experience and the talks I had with my friends in iOS dev community, I am pretty sure that most of us were confused with this question and even more confused with the description Apple provided below this question.

Developers including me used to google a bit at the time of Appstore submission regarding this and we all have gone with 'YES' and often 'NO' here. But what exactly are Apple intending with these questions? and how should we select the appropriate option?. Let's dig in.

Should I select 'Yes' if I am using https to connect to the server?

The answer to this question is simply YES. We should select yes option even if we only used 'https' to connect to the server and did not use any other standard encryptions in our app, because Apple consider https as a standard encryption itself.

When should I select 'No' option?

If your app does not even use https for server communication(which is very rare these days) you can select 'NO' here. But using 'http' protocol for server communication implies you to set 'Allow Arbitrary Loads' to 'True' under 'App Transport Security Settings' in info.plist.

If you select 'Yes' option to this question, The next question will be

Image description

Does your app qualify for any of the exemptions provided in Category 5,
Part 2 of the U.S. Export Administration Regulations?

Below this question, We have the following description.

_Make sure that your app meets the criteria of the exemption listed below.
You are responsible for the proper classification of your product.
Incorrectly classifying your app may lead to you being in violation of
U.S. export laws and could make you subject to penalties,
including your app being removed from the App Store.

You can select Yes for this question if the encryption of your app is:
(a) Specially designed for medical end-use
(b) Limited to intellectual property and copyright protection
(c) Limited to authentication, digital signature, or the decryption of data or files
(d) Specially designed and limited for banking use or money transactions; or
(e) Limited to fixed data compression or coding techniques

You can also select Yes if your app meets the descriptions provided in Note 4 for Category 5, Part 2 of the U.S. Export Administration Regulations. _

If my app uses Apple Keychain, Will it fall under any of these exceptions?

Yes. It will fall under category _(c) Limited to authentication, digital signature, or the decryption of data or files _

If my app uses third party encryption libraries, Will it fall under any of these exceptions?

Most of the third party encryption libraries available for iOS uses standard encryption and decryption algorithms that are recognised world wide. Apple has added these standard encryption methods under exception in category c.Thus if you are using these common encryption libraries in iOS, You can answer 'YES' to this question.

In which case my app does not fall under any of these exceptions categories?

If you use some custom encryption algorithm(usually created by the developers of the application itself) in your app, you should select 'NO' here.


Original Link: https://dev.to/akhil_karonnon_/appstore-submission-does-your-app-use-encryption-how-to-determine-if-your-app-contain-encryption-2gab

Share this article:    Share on Facebook
View Full Article

Dev To

An online community for sharing and discovering great ideas, having debates, and making friends

More About this Source Visit Dev To