Appstore submission: Does your app use encryption? How to determine if your app contain encryption?

We normally see this query from Apple whereas making ready our app for Appstore submission. From my very own expertise and the talks I had with my associates in iOS dev group, I’m fairly positive that the majority of us had been confused with this query and much more confused with the outline Apple supplied under this query.

Builders together with me used to google a bit on the time of Appstore submission concerning this and all of us have gone with ‘YES’ and infrequently ‘NO’ right here. However what precisely are Apple intending with these questions? and the way ought to we choose the suitable possibility?. Let’s dig in.

Ought to I choose ‘Sure’ if I’m utilizing https to connect with the server?

The reply to this query is just YES. We must always choose sure possibility even when we solely used ‘https’ to connect with the server and didn’t use every other customary encryptions in our app, as a result of Apple take into account https as an ordinary encryption itself.

When ought to I choose ‘No’ possibility?

In case your app doesn’t even use https for server communication(which could be very uncommon today) you may choose ‘NO’ right here. However utilizing ‘http’ protocol for server communication implies you to set ‘Enable Arbitrary Masses‘ to ‘True‘ beneath ‘App Transport Safety Settings‘ in data.plist.

If you choose ‘Sure’ choice to this query, The subsequent query can be

Does your app qualify for any of the exemptions supplied in Class 5,
Half 2 of the U.S. Export Administration Laws?

Under this query, Now we have the next description.

_Make positive that your app meets the standards of the exemption listed under.
You might be answerable for the right classification of your product.
Incorrectly classifying your app might result in you being in violation of
U.S. export legal guidelines and will make you topic to penalties,
together with your app being faraway from the App Retailer.

You’ll be able to choose Sure for this query if the encryption of your app is:
(a) Specifically designed for medical end-use
(b) Restricted to mental property and copyright safety
(c) Restricted to authentication, digital signature, or the decryption of knowledge or information
(d) Specifically designed and restricted for banking use or “cash transactions”; or
(e) Restricted to “mounted” information compression or coding strategies

You can even choose Sure in case your app meets the descriptions supplied in Notice 4 for Class 5, Half 2 of the U.S. Export Administration Laws. _

If my app makes use of Apple Keychain, Will it fall beneath any of those exceptions?

Sure. It’s going to fall beneath class _(c) Restricted to authentication, digital signature, or the decryption of knowledge or information _

If my app makes use of third social gathering encryption libraries, Will it fall beneath any of those exceptions?

A lot of the third social gathering encryption libraries out there for iOS makes use of customary encryption and decryption algorithms which are recognised world extensive. Apple has added these customary encryption strategies beneath exception in class c.Thus in case you are utilizing these widespread encryption libraries in iOS, You’ll be able to reply ‘YES’ to this query.

Through which case my app doesn’t fall beneath any of those exceptions classes?

In the event you use some customized encryption algorithm(normally created by the builders of the applying itself) in your app, you need to choose ‘NO’ right here.

Add a Comment

Your email address will not be published. Required fields are marked *