Our Insights Post 10 mins Arran Kirkup Moving the App Store Goalposts In the ever-evolving landscape of mobile application development, staying updated with the latest policy changes in the app stores is crucial. Often when we are approached by businesses with their own applications operating in the app stores it’s because they’ve fallen foul of changes to the policies and are dealing with the potential (or actual!) removal of their applications from the stores. This article will delve into a few of the recent significant updates in both the Apple App Store and Google Play Store that could impact your app’s presence on these platforms. We’ll discuss changes related to user account management, Dark Mode implementation, API usage, customer contact rules, and handling of outdated apps. We’ll also touch upon Google’s new SDK requirements, ad policies, content guidelines, and restrictions on permissions and APIs that access sensitive information. By understanding these updates and adapting accordingly, developers can ensure their apps remain competitive, compliant, and user-friendly in the rapidly evolving digital marketplace.How to keep on top of these changes Keeping on top of and implementing changes in your app to comply with Apple and Google’s new policies involves several steps: Understand the Changes: Review the updated policies and guidelines provided by Apple and Google. This includes understanding the new restrictions on permissions and APIs, ad policies, content guidelines, and SDK requirements. We find it useful to be subscribed to relevant content such as the TLDR newsletter as often these changes will be flagged there. Unfortunately it does often also require periodically checking for changes yourself in the guidelines. Apple updates its App Store Review Guidelines regularly and you can find the latest changes on the Apple Developer website. They provide details on design, app review, and marketing criteria, with best practices, case studies etc Google also updates its policies regularly and you can find the latest policy updates on the Google Play Developer Policy Center. They provide information on restricted content, impersonation, intellectual property, privacy, deception and device abuse, monetisation and ads, store listing and promotion, spam and minimum functionality, malware, families etc Review Your App: Analyse your app to identify areas that may be affected by the new policies. This could include features that use restricted permissions or APIs, content that may violate the new content guidelines, or outdated SDKs. Make Necessary Changes: Update your app to comply with the new policies. This could involve modifying how your app uses permissions and APIs, updating your app’s content, or updating the SDKs used in your app. Test Your App: Thoroughly test your app to ensure it works correctly with these changes and that it adheres to all of the new policies. Update Your App Description: Make sure your app’s description on the store is up-to-date and accurately reflects your app’s functionalities and the permissions it requires. Permissions can often be a particular bugbear as both Apple and Google have made privacy and permission core focusses of recent changes. Submit Your App for Review: Once you’ve made all necessary changes and tested your app, submit it for review. We’ve found that sometimes this can depend a little on the individual interpretation of the reviewer and unfortunately this process can take a little while with both Apple and Google. Not what you need when your app has been removed from the store! Remember, it’s important to regularly review the app store policies as they can change over time. User Account Deletion Apple has introduced a new policy that mandates developers to offer easy account deletions (including stored personal data) within any app that allows users to create an account. This change took effect from June 30th 2023 though it is possible to request an extension to this timeline and some of our clients have successfully applied for this. This policy change means that developers must ensure that the account deletion option is easy to find in their app. If an app offers Sign in with Apple, developers will need to use the Sign in with Apple REST API to revoke user tokens when deleting an account. It’s insufficient to only provide the ability to temporarily disable or deactivate an account. People should be able to delete the account along with their personal data. From our experience it is currently possible to successfully circumvent this by linking out to a simple web form which requests deletion of the account and manually delete any requested accounts within 30 days though this may not work as a longer term solution. Google Play Store has also introduced a similar policy update. Starting from December 2023, apps must comply with User Data – Account Deletion policy update. This means that developers must ensure that users can easily delete their accounts and associated data from within the app. We suspect that the workaround above will work fine here as well but we have yet to test this approach. Target API Changes Apple has made changes to its API usage policies. Starting from the release of iOS 17, tvOS 17, watchOS 10, and macOS Sonoma to the public, developers will be notified about submitting apps using a Required Reason API without describing the reasons for using it. From spring 2024, apps that use these APIs without a valid reason will be rejected. Apple explains that developers will need to select from one or more of the “approved reasons” that explain how their app will use the API, and then the app can only use the API for those stated purposes. Among the APIs impacted are those around file timestamps, disk space, system boot time, active keyboard and user defaults. In addition, Google has also updated its Target API policy. Starting from August 2023, apps must target API 31 or newer to stay available and API 33 to submit. New apps must use Play Billing Library 5 or newer. Dark Mode In both app stores Dark Mode is currently heavily encouraged but not mandatory. It inverts the traditional dark text on a bright background, placing light-coloured text on darker backgrounds. This can be easier to see, save battery on some screens, and make it easier for anyone to use a device in a low-light environment. As for whether Dark Mode will be mandated in the future, it’s hard to say. We are erring on the side of caution here as we feel it’s likely to be mandated at some point due to the energy saving potential and increasing popularity among users. With this in mind we encourage clients to invest in both dark and light modes when developing new applications and updating older ones. Upcoming changes in the Apple App Store API Usage: Apple has introduced a new policy that requires developers to explain why they need access to select data. This policy is designed to crack down on the misuse of APIs, particularly those that can be misused by developers to collect data about users’ devices through “fingerprinting”. The requirement will go into effect by the end of 2023. Pre-orders by region: Developers can now offer their apps for pre-order on a regional basis. This allows you to build awareness and excitement for your upcoming releases, even while your app is available for download in other regions. Apple notary service update: If you notarise Mac software with the Apple notary service using the altool command-line utility or Xcode 13 or earlier, you’ll need to transition to the notarytool command-utility or upgrade to Xcode 14 or later. Starting November 1, 2023, the Apple notary service will no longer accept uploads from altool or Xcode 13 or earlier. Game Center entitlement and configuration requirement: New apps and app updates for iOS, iPadOS, or tvOS offering Game Center features need to include the Game Center entitlement in the entitlements list and have Game Center features configured in App Store Connect before you can submit them to the App Store. Upcoming Changes in the Google Play Store SDK Requirements: Google Play Store is updating its SDK Requirements to include guidelines for a recently announced Deceptive Behaviour policy update. Ads: Google Play Store is centralising existing ads requirements to make it easier for you to find this information. Inappropriate Content: Google Play Store is updating the examples in its Tobacco and Alcohol policy to clarify its existing policy. Real-Money Gambling, Games, and Contests: Google Play Store is updating its Real-Money Gambling, Games, and Contests policy to reflect completion of the Online Crane Games pilot program in Japan. Permissions and APIs that Access Sensitive Information: Google Play Store is introducing a new restricted permission requirement for Exact Alarm API, stating that apps must only declare this permission if their core functionality requires an exact alarm. Deceptive Behaviour: Google Play Store is adding new guidelines to its Deceptive Behaviour policy to provide guidance on “non-transparent behaviour.” Developers must make the app’s functionality clear to users. Conclusion Staying compliant with these changes is not a one-time effort. It requires a continuous commitment to understanding and implementing new policies as they are rolled out. This involves regular review of updated guidelines, thorough analysis of your app for potential impacts, making necessary modifications, rigorous testing, and updating your app’s store description. However, this process can be time-consuming and complex. If you’re a business that cannot afford to dedicate the required time and resources to this task, partnering with an expert app agency like Indiespring can be a game-changer. With our expertise and focus on app store guidelines, we can ensure your app remains competitive, compliant and user-friendly in the rapidly evolving digital landscape.