How to Pass a Manual App Store Review: App Store Review Guidelines

What is a manual review?

A manual review is the process of checking applications for compliance with all requirements, executed by the Apple team. It must be completed before the first publication of the application in the App Store and before each update.

To submit the application for the initial review:

1. Sign up for the Apple Developer Program.
2. Create a developer account and pay the annual $99 subscription fee.
3. Make sure the app meets all the requirements of the App Review Guidelines.
4. Download the app via the App Store Connect.
5. Submit it for review by clicking Submit for Review.

As a general rule of thumb, the verification process takes 1-3 business days.

To check the app before updating:

1. Download the latest version via the App Store Connect.
2. Update the metadata (for example, description or screenshots if they have changed since the update).
3. Include a comment for the review team (for example, if you want to use a specific test account for testing).
4. Submit the latest version for review.

A review is required for updates that include functional changes and bug fixes. However, if the changes occur only on the server side and do not require an update to the client application, a review is not necessary.

The review process for updates takes 1-2 days on average.

Preparing for the initial review

Even during the app development stage, review Apple's basic checklist to help you prepare for the initial review. If any requirements are not met, the launch may be delayed.

1. Test the app for bugs and crashes.
2. Make sure that metadata and other information are accurate and complete.
3. Update your contact information.
4. Provide the App Review team with full access to the app.
5. Enable internal services. For example, if launching an online store, ensure that purchasing tools are functional.
6. Add detailed documentation for any non-obvious features in the review notes.
7. Check the app for compliance with the following guidelines:

• documentation for developers: SwiftUI, UIKit, AppKit, App extensions, Optimizing Your App’s Data for iCloud Backup, Apple File System and App Store Connect Help, Developer Account Help;
• design guide: Human Interface Guidelines;
• brand and marketing guidelines: Marketing Resources and Identity Guidelines, Apple Pay Marketing Guidelines, Add to Apple Wallet Guidelines and Guidelines for Using Apple Trademarks and Copyrights;
• notarization of iOS and iPadOS applications in the EU: Notarization.

Basic App Store requirements

Apple's team of editors checks every app for malware that could compromise user security and privacy. The App Store also places great importance on content related to children. This commitment helps maintain high standards, making it one of the safest platforms for users worldwide.

I will briefly outline the main requirements of Apple's App Review Guidelines.

Requirement 1: Security

Ensuring user safety and compliance with ethical standards are key requirements for applications in the App Store.

1. Offensive, discriminatory or inappropriate content is prohibited:

• Insults to religion, race, and gender;
• Depictions of violence against people and animals;
• Calls to buy or illegally use weapons;
• Images of a sexual nature;
• False information.

2. All applications with user-generated content should have built-in anti-abuse features that allow for:

• Setting up a filter and blocking unwanted content;
• Leaving a complaint and receiving a prompt response;
• Blocking users.

For example, the Instagram app uses AI to filter out prohibited comments and images. It also allows users to report content and block others.

3. Applications for children must not collect users' personal data or device information. Third-party analytics or advertising services may access this information only under strict confidentiality conditions.

The following are not allowed in apps that fall under the Kids category:

• External links;
• Advertising;
• Purchases without parental control. 

Parents should be able to navigate to the Screen Time > Content and Privacy Restrictions section on their child's device to manage in-app purchases and downloads, as well as change privacy settings.

4. The App Review team keeps a close eye on applications that may pose a physical threat:

• Medical applications must not provide incorrect data.
• Applications may not encourage the use or promote the sale of tobacco, alcohol, drugs or gambling;
• Encouraging participation in dangerous activities (e.g., extreme challenges) is prohibited.

5. The application may be rejected if you do not provide up-to-date contact information for communication with users.

6. Ensure that user data is protected by following the Apple Developer Program License Agreement.

Requirement 2: High performance

Before submitting the application for review, make sure it is ready.

1. Complete the application:

• Delete temporary elements;
• Use only working links;
• Do not use hidden features;
• Ensure that in-app purchases are displayed properly and work correctly.

2. Carefully customize the app's text and image metadata (title, subtitle, description, preview, screenshots, and videos). A few recommendations:

• Select the correct category;
• Screenshots and videos in the App Store should demonstrate the use of the application, its current functionality and interface;

• Clearly describe in-app purchases.

3. Metadata for In-App Events must be correct, up-to-date, and contain a deep link to the relevant section of the application.

4. Test the app for stability on Apple devices:

• Avoid overloading the device or draining the battery quickly;
• Wherever possible, iPhone apps should be compatible with iPad;
• Apple TV apps should function with the Siri Remote without requiring additional devices.

5. Consider the basic software requirements:

• Applications should use only public APIs and run on the current version of iOS;
• Downloading, installing, or executing code that alters the app's functionality is prohibited;
• Background services should be used only for their intended purpose.

If an app is designed as a photo editor, it shouldn't store or transmit any personal data, because that's not its intende purpose.

6. Be sure to provide a demo account or demo mode for apps that require authorization so that the Apple team can review their functionality.

An app with obvious technical issues will be rejected, so thoroughly beta test it with Test Flight. And be sure to meet all public release requirements.

Requirement 3: Original and user-friendly design

There is a list of requirements for app design. Let me tell you about the most important ones.

1. Copies of applications are prohibited — clone applications will be removed from the store. It is also forbidden to create several identical applications under different Bundle IDs. This is considered spam.

2. The app should provide useful features that set it apart from a regular website. Without unique features, it may be rejected and redirected.

3. ARKit (a framework for creating augmented reality applications) should deliver a fully integrated and immersive AR experience.

4. The application should work autonomously.

5. It is important to comply with the following documentation when creating extensions:

• App Extension Programming Guide;
• Documentation for Safari (The Safari app extensions documentation and The Safari web extensions documentation).

6. If the app provides access to the Apple Music library:

• Comply with the requirements of the MusicKit documentation;
• Do not monetize access to MusicKit without special permission;
• Ensure transparent use of user data and transactions.

7. If you use a third-party service for authorization (Google, Facebook, LinkedIn, etc.), provide an alternative way to log in with minimal data transfer.

8. For recurring payments, provide users with at least the minimum required information when using Apple Pay:

• A list of functions they will receive;
• The period of use and the cost of the subscription;

• Make sure that the subscription will be active until it is canceled and provide instructions on how to do it.

9. Do not monetize built-in features such as a camera or gyroscope.

Requirement 4: Clear monetization

1. Make monetization transparent:

• Clearly explain the business model in the metadata and review notes — an unclear model or target audience may delay the review or result in rejection.
• If you are suspected of inflating prices or attempting to deceive users, your app will not pass the review.

2. Purchasing ratings and reviews will result in the removal of the app and its exclusion from the Apple Developer program.

3. Payment and in-game purchases:

• To activate in-app purchases, use In-App Purchases;
• Do not use custom content unlocking mechanisms that are not specified in the App Store guides;
• If the application has loot boxes, which are virtual containers containing a random set of in-game items (skins, weapons, characters, etc.), you must disclose the odds of getting each type of item before purchase;
• Ensure that the free trial period functionality works.

4. Subscriptions must be of ongoing value and available on all devices. It’s prohibited to:

• Force actions, such as giving an app a high rating, in order to provide access to functionality;
• Deceive users — this will result in the removal of the application and its exclusion from the Apple Developer program.

5. There is a limited list of apps that may integrate alternative payment methods (except for subscriptions and in-app purchases). These are:

• Readers — can offer access to previously purchased content;
• Multiplatform services — provide content purchased on other platforms;
• Services for enterprises;
• Applications that help perform services between two people in real-time.

6. Regarding cryptocurrencies:

• Storing virtual currency on devices is allowed, but mining is prohibited;
• Cryptocurrency transactions are permitted only in countries where they are licensed and legally allowed.

Requirement 5: Compliance with the law

Apps must comply with the law. Here is what you need to pay special attention to.

1. In your privacy policy, clearly state what user data you collect and how you use it.

2. Be sure to obtain the user's consent to collect data, including anonymous data. This consent must not be a condition for accessing paid features.

3. Ask users for permission to share data with third parties for advertising or app improvement purposes. If data collected for one purpose will be used for another, obtain additional consent.

4. Only request an account login if it is justified. The application should function without registration.

5. Request access only to the data essential for the app's functionality.

6. Use geolocation services only when justified by the application's purpose. Collect location data with user consent.

7. Ensure that all content is either licensed or created by you.

8. Do not imitate Apple products or claim your app is approved by Apple.

It is strictly prohibited to:

• Covertly obtain user data such as passwords or other personal information;
• Manipulate user permissions (for example, an app for posting photos on social media should not request access to the microphone before sending a photo);
• Collect data on applications installed on a device;
• Transfer or use personal data without user consent;
• Use health data for marketing purposes.

For applications that conduct research, the following is necessary:

• Participant consent;
• Approval from an independent ethics committee.

For risk-free surveys, these requirements may be simplified. However, medical studies must adhere to strict standards.

Regarding apps for children:

1. Comply with the requirements of COPPA (Children's Online Privacy Protection) and GDPR (European Union's General Data Protection Regulation), as well as other privacy laws.
2. Do not place ads or collect analytics, except in rare cases.

Review: approval, rejection and appeal

Here’s what happens after the app is sent for review.

1. On average, the review process takes 8 to 24 hours. The App Review team strives to make the review quick, but if the app is complex, the process will take longer. In a critical situation, you can request an expedited review—however, be honest, as providing false information may result in the rejection of future projects.
2. If the app is approved, it takes about a day to be published across all App Store sections (Today, Apps, etc.). If a future release date is set, the app will not be published until that time.
3. In case of rejection, the process may be delayed months. But you will receive detailed feedback from the App Review team, allowing you to address issues in the next version.
4. You can file an appeal if you disagree with the review result. To do this, you need to respond to the feedback. In your appeal, you can suggest improvements to make changes to Apple's guidelines.

You can track the current status of the review in the App Store Connect.

Common reasons for failure according to RadASO

I've compiled our team's experiences to highlight the most common issues we encounter. The App Review team conducts a thorough evaluation of an app that is about to be released for the first time, and rejections can happen for various reasons.

1. Make sure to include sufficient real interface images in your screenshots. For example, three screenshots with mockups of the interface and three more promotional images featuring popular products are not enough. You need to add additional screenshots of actual UI elements.
2. Don't use your smartphone's motion capture (mocap) for video as this may be grounds for a rejection.
3. Use brand names carefully in the visible part of the metadata. For example, the phrase "for Samsung" can trigger a rejection, even though you were simply trying to indicate compatibility.
4. Do not mention Android. The phrase "This is a universal remote control for Apple, Samsung, and Android smart TVs" will result in a rejection.
5. In-App Events must comply with Apple’s guidelines. In some cases, I had to create multiple versions of an event before finding an acceptable approach. Be sure to read the rejection reason carefully and adjust accordingly.

The In-App Events review team is unavailable from Friday evening to Sunday evening. You will receive a review update on Sunday evening (CET).