Apple App Store: Difference between revisions

Apple uses a range of technical measures to protect their App Store ecosystem and reduce consumer choice. These measures obscure the company's business intentions, creating roadblocks for app developers and users, while typically citing security reasons for their existence. This actively hurts the ability for lawmakers to advocate for the rights of consumers and businesses in Apple's ecosystem, and prevents apps from being as useful as their customers expect.

A never-ending demand for a cut of every sale of a digital product, ranging from game currency, to supporting content creators,^[1] to booking a Zoom call with a local business,^[2] hurts the ability for app developers to innovate. These developers, working hard and pulling countless hours to build a quality app, always need to take Apple's (and Google's) demands into account - specifically, a fee of between 15% and 30% of all revenue collected via the app. This is revenue that can be reinvested into the app, but instead must be earmarked for the platforms they are required to use to reach their customers.

Because this is a clear problem, several governments, including South Korea,^[3] Japan,^[4] the European Union,^[5] the United Kingdom,^[6] Australia,^[7] as well as the US and a handful of states,^{[8][9][10][11]} have opened investigations into anti-competitive practices, or considered or already passed legislation to force "gatekeeper platforms" such as Apple to be more reasonable with third-party developers.

This being a major threat to Apple's revenue stream (interestingly, one they claim to be unsure is profitable^[12][13]), they have responded with practices such as geoblocking certain operating system functionality based on physical location,^[14] misrepresenting/overstating risks, and using careful wording with commonly-understood terms to describe unreasonably difficult-to-use systems.

Important terms you'll run into in this article:

• Sandbox: Reduces exposure of the user's device/data to security risks, by reducing what an app is allowed to do.
• Entitlements: Apple's method of "poking holes" in the sandbox, to give the app more permissions. Some are available to developers, while many are only available to Apple.
• Digital Markets Act: The European Union's fairly sweeping recent regulations against forcing companies they classify as "gatekeepers" to play nice, giving smaller businesses access to software/hardware features they've historically reserved for their own use.

Apple has been collecting users' credit card numbers since launching the iTunes Store in 2004. The launch of the App Store in 2008, followed by the introduction of in-app purchases (IAPs) in 2009, gave iPhone app developers the opportunity to sell app features to users. The IAP system is provided as a developer framework named StoreKit. Apps and their in-app purchases are managed through a dashboard named App Store Connect. App sales have eclipsed iTunes Store sales, and are now a primary focus of Apple's Media Services division.

Apple requires any purchase of a digital good or service in an app to use their in-app purchase system. This may seem reasonable because the customer may inevitably call Apple support, demanding a refund for an app they have issues with. Apple would rather give that refund and leave the customer with a positive support experience, than to provide a messy process involving contacting a third-party, whose customer service is likely nowhere near the same experience.

App Store purchase fees are between 15% and 30%. In September 2016, Apple expanded subscriptions to be available to any type of app, also introducing a 15% discount incentive when the user has already subscribed for a year.^[15] In November 2020, Apple introduced a reduced 15% fee for app developers with revenue below $1 million per year.^[16] For developers above this threshold, and for cases excluded from this program such as for games, the fee is 30%. In the 2008 announcement of the App Store, Apple considered this a reasonable, industry-standard fee. However, the way we use apps has significantly evolved since 2009 - the world has shifted to heavily depend upon on mobile apps, which have also evolved into more complex and sustainable business models than a simple one-time purchase.

Stripe, a popular platform used for payments on the web, uses a base fee of 2.9% plus a fixed $0.30 in the United States.^[17] With add-on services, before considering volume discounts, a Stripe transaction may rather have a cost of 6.4% + $1.10.^[18] Stripe has been used by businesses ranging from small online stores, to OpenAI for ChatGPT Plus. Competing payments services have similar or identical fees to Stripe. The in-app purchase system does not provide sufficient value to justify considerably higher fees than alternative payment platforms.

The App Store system poorly handles secondary marketplaces of digital services that exist within the primary App Store marketplace, such as Patreon. Apple, however, still requires companies in the business of selling digital services to use this inadequate system. This requires the app to account for Apple's fee, which is significant enough to often warrant increasing prices, and to follow rules even if they do not make sense for the nature of service they are providing. Apple has frequently been found in disputes with such apps. This injects extra complication at no benefit to the marketplace, the creator, or the customer - only to Apple, who has little to no involvement after delivering the initial app download to the user's phone. The significant fee also often drives app developers to consider building their app around an advertising model instead, creating privacy concerns.

Additionally, the 15% small businesses fee discount is judged based on the app's overall turnover, and is not based on individual creators in the app's marketplace. An app that turns over $1 million per year by providing services to creators that individually make less than $1 million per year does not have the opportunity to use the discount.

Apple, often together with Google, use lobbying efforts in the United States and other countries in an attempt to minimize the issues. "ACT | The App Association", pitched as an association of independent small business app developers, is at least 50% funded by Apple, and does not list its claimed 2,000 members.^[19][20] In March 2024, the United States Department of Justice along with 16 state attorneys-general filed a lawsuit against Apple, including an accusation that the company "extracts more money from consumers, developers, content creators, artists, publishers, small businesses, and merchants, among others".^[10] The future of this lawsuit is unclear as of April 2025.

Despite criticism of Apple forcing their fee into transactions with small businesses and creators on Patreon, Facebook, and similar platforms, on 23 January 2025, Apple announced the Advanced Commerce API. It "support[s] developers' evolving business models - such as exceptionally large content catalogs, creator experiences, and subscriptions with optional add-ons".^[21] While positioned as a way for such businesses to save development time and avoid ongoing costs by building on top of Apple's mature payments platform, its use is in fact necessary for these businesses to work within the App Store guidelines, as seen in cases outlined below. The feature requires submitting a description of the app's business model to Apple for approval. This continues a trend of requiring Apple's consent to conduct business in a place users have been trained to expect it.

Given Apple's strong incentives, and a ticking clock as legal pressure builds, it is not hard to find stories from app developers regarding poor experiences with Apple's app review process.

This list is extremely incomplete. Please add examples if you know of any.

Epic Games, Inc. is a video game developer and publisher, known for games such as Fortnite and Unreal Tournament, the Unreal Engine, and the Epic Games Store.

In 2018, Epic Games launched Fortnite on the iOS and Android platforms. The company made the unusual decision to not release the app on the Google Play Store - rather, it was made available as a standalone Android app package file (.apk), which must be installed by following a series of manual steps.^[22] The app was also released on the Samsung Galaxy Store. Google offered a $147 million deal for Epic Games to release Fortnite on the Play Store, which the company declined.^[23]

On 22 April 2020, Fortnite was finally released on the Play Store.^[24] In a statement, the company explained:

After 18 months of operating Fortnite on Android outside of the Google Play Store, we've come to a basic realization: Google puts software downloadable outside of Google Play at a disadvantage, through technical and business measures such as scary, repetitive security pop-ups for downloaded and updated software, restrictive manufacturer and carrier agreements and dealings, Google public relations characterizing third party software sources as malware, and new efforts such as Google Play Protect to outright block software obtained outside the Google Play store.

On 13 August 2020, Epic Games launched a campaign against both Apple and Google's app store business practices. The company released app updates on both platforms, introducing a method for purchasing V-Bucks in-game currency at a 20% discount by directly transacting with Epic Games, against the developer rules of both platforms. The platforms responded by removing the game from their storefronts. Epic Games then filed civil antitrust lawsuits against both companies in the Northern District of California.^[25] The campaign, branded "Free Fortnite", was later extended with lawsuits and complaints in Australia,^[26], the European Union,^[27] and the United Kingdom.^[28]

On 11 September 2021, Judge Yvonne Gonzalez Rogers decided on the case. While the lawsuit against Apple failed on 9 of 10 counts, Rogers ruled against Apple's use of "anti-steering" - their strategies of preventing the user from being "steered" to a third-party storefront for payment processing, placing a permanent injunction on this behavior.^[29] Despite the case mostly failing, the discovery process provided significant insight into Apple's decisions around App Store policies, including decisions made in major app review disputes, and in one case, executive Phil Schiller arguing to reduce the fee from 30%.^[30]

Epic Games and Apple both appealed the decision. 35 state attorneys-general, the Electronic Frontier Foundation (EFF), Microsoft, among others filed amicus briefs in support of Epic Games.^[31]

On 11 December 2023, the jury in the case against Google decided on all 11 counts in favor of Epic Games.^[32]

On 1 May 2025, Rogers found that Apple willfully chose to not comply with the 2021 injunction, commenting "that it thought this court would tolerate such insubordination was a gross miscalculation".^[33]

In August 2020, in response to the COVID-19 pandemic, Facebook introduced the ability for small businesses to accept an entrance fee for events. Previously, Facebook would only act as a way to RSVP for the event - the organizer must use a third-party event ticketing system to collect fees. The company pledged to not collect any fee on event sales "until 2023".^[34]

Apple disagreed, requiring the feature to use the in-app purchases system. This introduced Apple's 30% fee. As this increases the price the user pays, with no benefit to the small business the user intended to support, the fee was displayed as a line item in checkout. Apple did not accept this disclosure of the fee, referring to it as "irrelevant".^[2] Facebook was allowed to compromise on displaying the fee, but without indicating that it is specifically an App Store fee.

HEY.com is a paid webmail provider launched in June 2020 by long-time software company 37signals, specializing in inbox organization tools.

After successfully launching the initial version of the app on the App Store, the company announced that an update was rejected due to a complaint about the business model. The app did not intend to support in-app purchases - instead, the user is expected to already have an account with the service. Apple did not like this arrangement, and demanded the company build an in-app subscription option. The company argued that they are being held to a different set of rules than apps such as Netflix, whose app does not provide any way to purchase a subscription.^[35] After a suggestion from Apple executive Phil Schiller in the media, HEY introduced a 14 day free trial mode, which was approved.^[36][37]

In August 2024, Patreon announced a change in arrangement with Apple for its App Store app. From November 2024, subscriptions started from the iOS app would be required to use the in-app purchase system, bypassing Patreon's own long-standing payments practices.^[38][1] This change does not affect the Android app.

By forcing Patreon out of the payments pipeline, certain payment models are no longer available to users of Patreon's iOS app. Creators who rely on the "per-creation" payment model, as opposed to the standard "per-month", can no longer be subscribed to from the app. The app is also not able to support the "first-of-the-month" model, where payments from all subscribers are collected on the first day of the month, rather than every 30 days since each member's day of subscription. The price must also be rounded to a price tier supported by Apple.

Patreon provides creators with the choice to increase their prices by 30% in the iOS app, or to keep the same prices but forfeit 30% to Apple. Creators frequently remind potential supporters to not use the Patreon iOS app, adding extra inconvenience to those wanting to support the work of small creators.

• 
  "Maintain earnings and cover Apple's fee by increasing prices in iOS app" (Recommended)
• 
  "Keep prices in the iOS app the same and cover Apple's fee yourself"

A similar case occurred with the app Fanhouse in 2021.^[39]

In August 2021, Twitter introduced a feature named Super Follows (now Subscriptions), in which a user can pay a subscription fee to access more of a creator's content. For each user who enables Subscriptions, Twitter must submit a new in-app purchase SKU to the App Store, which will become available with the next update to the app.^[40] This, of course, is subject to the 30% fee. At the time of writing in January 2025, viewing the App Store listing reveals Elon Musk's $4.00 subscription as the fourth most popular IAP item.

Since 2015, Apple expects all Mac apps to be "notarized". This is a preliminary, automated malware check, which upon passing, provides a notary certificate that gets "stapled" to the app. Apple's explanation:

Notarization of macOS software is not App Review. The Apple notary service is an automated system that scans your software for malicious content, checks for code-signing issues, and returns the results to you quickly. If there are no issues, the notary service generates a ticket for you to staple to your software; the notary service also publishes that ticket online where Gatekeeper can find it.^[41]

Whether this is actually a better approach than used by Windows antivirus, where they find out about new malware samples only when they end up on a user's computer, is a separate topic.

To comply with the DMA's regulations on app marketplaces, Apple created a new channel of releasing apps outside of the iOS App Store. Apps go through a notarization process. But the process is definitely not notarization. The name is intentionally being abused, by contrast to notarization on macOS, to make you believe it is something other than the existing App Review system. Despite the pain some developers and users have with it, notarization on macOS has always been considered a net positive. It made sense to take advantage of its reputation for the entirely different "notarization" on iOS.

See for yourself - view the App Review Guidelines and tick "Show Notarization Review Guidelines Only". While most rules are knocked out by this, a good number of them are still in place. These apps are still reviewed and tested by the App Review team, must have a full product listing in App Store Connect, and can be outright rejected - all in the same way as an App Store app.

By contrast, all that is required for notarization on macOS is for your app to not be malware. You submit it to an automated system that approves it within minutes. You don't need to convince Apple your app is worthy of existing on their platform.

The point of macOS notarization is that Apple has a record of all binaries that are intended for wide distribution on macOS, and can review them both in advance and on a regular basis for known malware/common malware patterns. Say a malware app manages to initially get through, when Apple finds out, they can go back in the notary records and find every sample of that malware to analyze and block. This is purely a technical process, managed by skilled security researchers, while iOS app review and "notarization" is a business process, managed by workers who have been given a checklist of violations to look for.

Apple is retaining complete control over what's allowed to run on iOS. On macOS, you can choose to run apps that have not been notarized (even though the process to bypass the warning is intentionally difficult). On iOS, you never get even that option. What Apple created is the App Store but with more steps. It still goes on the App Store, just hidden so it can only be installed by the third-party store it's tied to.

• Mysk: "iOS should enable alternative marketplaces to add their own links when users share their apps. Links still point to the App Store and if the app is not available there, this happens."^[42]

The following paragraph is highly technical, if it's too technical for you to understand all you need to know is that: JIT allows for extremely fast programs/apps and due to its fast nature it's used almost everywhere, and is a massive improvement over older code interpreters.

JIT, which stands for Just-In-Time, is a method of code execution where code, instead of being compiled before being distributed (like an EXE), gets compiled into machine code in real time right before being executed. This method of code execution allows for much faster website loading times, faster emulation, faster program execution (with programs written in JavaScript, Python, Lua...) compared to interpreters, which instead translates code into machine code line by line, which is much, much slower; JIT also employs many more optimization techniques meant to improve performance.

Safari is allowed to use JIT to compile code from any site, same with Apple's Playgrounds app on iPad. Playgrounds bundles Apple's Swift compiler, and shares backend code with the version of Playgrounds found in Xcode.

Third-party apps like Pythonista (a Python IDE), emulators like Delta and UTM and terminal environments like iSH are not allowed to use JIT, instead having to interpret code, which comes with serious performance degradation and is more computationally expensive, potentially draining more battery.

An example of apps being heavily affected by this restriction is UTM. UTM is a port of QEMU for iOS, iPadOS and MacOS, allowing users to create VMs that can run various OSes, for example Microsoft Windows. The iPhone's hardware capable enough to emulate various modern OSes at full speed, but due to Apple's JIT limitation, the team behind UTM had to create UTM SE (slow edition) that doesn't require JIT, but is nowhere near as fast as UTM with JIT, only being capable of running MS-DOS and derivatives at acceptable speeds. While methods that enable JIT for apps other than Safari and Playgrounds exist (some currently working on iOS 18.5, like StikDebug), Apple does not allow the use of JIT in notarized apps, meaning that apps that support JIT will have to be sideloaded, which comes with its own set of restrictions.

In the EU, Apple gave web browsers permission to use rendering and JavaScript engines other than the built-in with Apple WebKit/JavaScriptCore, with the option for JS engines to use JIT. The browser still has to be approved by Apple for an entitlement, and then must work within APIs provided by Apple for it. But, as of January 2025, no browsers that use different engines than the built-in ones have been released, mainly due to arbitrarily imposed restrictions, meant to discourage the usage and development of third-party engines.^[43]

However, Apple still does not allow different engines outside of the EU, with or without JIT support.^[44]

Sandboxing is a powerful security feature used on all modern platforms, from Windows to iOS, and it's used because most programs need only a few basic permissions. While sandboxing is a great security measure, sometimes users may want to develop or create programs that run outside of the sandbox, with less restrictions. When a program needs extra permissions outside of what the sandbox normally allows, the user is prompted with a permission prompt, useful when some very basic programs (like a flashlight app) need access to sensitive information like contacts.

As established in previous sections, a program can be given more access to features of the system using entitlements. These come in different types:

• Completely safe: Entitlements any developer can opt into, with little to no risk.
• Approval required: Entitlements that might be more of a security risk to allow, e.g. giving considerably wider access to the system, or that Apple simply doesn't want to hand out to just anyone for competitive reasons. The developer must submit a request to Apple with evidence of why they need the entitlement.
• Private: Entitlements that are never allowed for any app developer to use. Many of these are reasonably fenced off because they handle user data that is very risky, or bypasses permission prompts and so on, but can just as well also be guarding features Apple wants to keep to itself.

There have been exceptions where Apple quietly gave a company access to private entitlements anyway, raising eyebrows.

On iOS, you also can't be more secure than the default, strictest sandbox. On macOS, there are several entitlements you must declare to decide whether you're allowed to access certain types of user data at all. Android used this design from the very start - you can't even do fundamental things like access the internet without declaring it in your manifest. It makes it very explicit what the app's intentions are.

iOS has one sandbox used by all App Store apps. System apps, and App Store apps developed by Apple, are allowed to expand or reduce their sandbox permissions as needed. Third-party apps do not get the right to expand or reduce their sandbox permissions at all. This is clearly less secure. To take the example of Playgrounds again, while it's allowed to run your code from a separate process executing in an ultra locked down sandbox with very few permissions, competing apps such as Pythonista must run your code in the same sandbox and address space as the main app process. The Python interpreter crashing would therefore crash the entire app, possibly losing work. In the worst case, a vulnerability in third-party code could give access to all data stored by/accessible to the app. For example, it would be a nightmare if you can tap the wrong link in Safari and have a hacker easily steal your cookies from other websites. If that third-party code could run in its own limited sandbox, the risk is significantly reduced.

The only known workaround is to execute the code via JavaScript, as Apple's JavaScriptCore engine runs in a heavily sandboxed process. This requires you to port the code to JS, which may be a lot of work, or just not viable. You wouldn't want to run the Python interpreter inside JavaScript - the performance would be terrible!

Safari's in-app browser, that is the minimal version you get when tapping a link from social media, uses an entirely separate data store for each app. The in-app browser isn't aware of cookies in the "full" Safari app, or any other app, and doesn't support Safari extensions. Apple claimed this was to protect malicious apps from stealing or setting cookies in Safari without your knowledge, which is a fair argument, but it's hard to not notice that it makes web browsing inconvenient, encouraging users to install native apps, where they can make transactions through Apple.^[45]

This also means your browsing in the in-app browser is just forgotten - there's no history menu, and it doesn't get logged to the history in the full Safari app either. Good luck recalling that article you read a few weeks ago.

• Eligibility
• Posts written by an author of this article:
  • The iOS 17.4 app marketplace flow is a disaster
  • How I tricked iOS into giving me EU DMA features
  • Features controlled by iOS 17.4's eligibility system