The App Store adheres to strict requirements for app quality, functionality, design, and security. These rules can be a real challenge, both during the initial publication and subsequent updates.
In this article that is definitely shorter than the App Review Guidelines), I will briefly outline what requirements you should pay special attention to. I will also share insights from RadASO’s experience.
Even more insights from ASO & UA pros in ASO Busters on Discord!
A manual review is the process of checking applications for compliance with all requirements, executed by the Apple team. It must be completed before the first publication of the application in the App Store and before each update.
To submit the application for the initial review:
As a general rule of thumb, the verification process takes 1-3 business days.
To check the app before updating:
A review is required for updates that include functional changes and bug fixes. However, if the changes occur only on the server side and do not require an update to the client application, a review is not necessary.
The review process for updates takes 1-2 days on average.
Even during the app development stage, review Apple's basic checklist to help you prepare for the initial review. If any requirements are not met, the launch may be delayed.
Apple's team of editors checks every app for malware that could compromise user security and privacy. The App Store also places great importance on content related to children. This commitment helps maintain high standards, making it one of the safest platforms for users worldwide.
I will briefly outline the main requirements of Apple's App Review Guidelines.
Ensuring user safety and compliance with ethical standards are key requirements for applications in the App Store.
1. Offensive, discriminatory or inappropriate content is prohibited:
2. All applications with user-generated content should have built-in anti-abuse features that allow for:
For example, the Instagram app uses AI to filter out prohibited comments and images. It also allows users to report content and block others.
3. Applications for children must not collect users' personal data or device information. Third-party analytics or advertising services may access this information only under strict confidentiality conditions.
The following are not allowed in apps that fall under the Kids category:
Parents should be able to navigate to the Screen Time > Content and Privacy Restrictions section on their child's device to manage in-app purchases and downloads, as well as change privacy settings.
4. The App Review team keeps a close eye on applications that may pose a physical threat:
5. The application may be rejected if you do not provide up-to-date contact information for communication with users.
6. Ensure that user data is protected by following the Apple Developer Program License Agreement.
Before submitting the application for review, make sure it is ready.
1. Complete the application:
2. Carefully customize the app's text and image metadata (title, subtitle, description, preview, screenshots, and videos). A few recommendations:
3. Metadata for In-App Events must be correct, up-to-date, and contain a deep link to the relevant section of the application.
4. Test the app for stability on Apple devices:
5. Consider the basic software requirements:
If an app is designed as a photo editor, it shouldn't store or transmit any personal data, because that's not its intende purpose.
6. Be sure to provide a demo account or demo mode for apps that require authorization so that the Apple team can review their functionality.
An app with obvious technical issues will be rejected, so thoroughly beta test it with Test Flight. And be sure to meet all public release requirements.
There is a list of requirements for app design. Let me tell you about the most important ones.
1. Copies of applications are prohibited — clone applications will be removed from the store. It is also forbidden to create several identical applications under different Bundle IDs. This is considered spam.
2. The app should provide useful features that set it apart from a regular website. Without unique features, it may be rejected and redirected.
3. ARKit (a framework for creating augmented reality applications) should deliver a fully integrated and immersive AR experience.
4. The application should work autonomously.
5. It is important to comply with the following documentation when creating extensions:
6. If the app provides access to the Apple Music library:
7. If you use a third-party service for authorization (Google, Facebook, LinkedIn, etc.), provide an alternative way to log in with minimal data transfer.
8. For recurring payments, provide users with at least the minimum required information when using Apple Pay:
9. Do not monetize built-in features such as a camera or gyroscope.
1. Make monetization transparent:
2. Purchasing ratings and reviews will result in the removal of the app and its exclusion from the Apple Developer program.
3. Payment and in-game purchases:
4. Subscriptions must be of ongoing value and available on all devices. It’s prohibited to:
5. There is a limited list of apps that may integrate alternative payment methods (except for subscriptions and in-app purchases). These are:
6. Regarding cryptocurrencies:
Apps must comply with the law. Here is what you need to pay special attention to.
1. In your privacy policy, clearly state what user data you collect and how you use it.
2. Be sure to obtain the user's consent to collect data, including anonymous data. This consent must not be a condition for accessing paid features.
3. Ask users for permission to share data with third parties for advertising or app improvement purposes. If data collected for one purpose will be used for another, obtain additional consent.
4. Only request an account login if it is justified. The application should function without registration.
5. Request access only to the data essential for the app's functionality.
6. Use geolocation services only when justified by the application's purpose. Collect location data with user consent.
7. Ensure that all content is either licensed or created by you.
8. Do not imitate Apple products or claim your app is approved by Apple.
It is strictly prohibited to:
For applications that conduct research, the following is necessary:
For risk-free surveys, these requirements may be simplified. However, medical studies must adhere to strict standards.
Regarding apps for children:
Here’s what happens after the app is sent for review.
You can track the current status of the review in the App Store Connect.
I've compiled our team's experiences to highlight the most common issues we encounter. The App Review team conducts a thorough evaluation of an app that is about to be released for the first time, and rejections can happen for various reasons.
The In-App Events review team is unavailable from Friday evening to Sunday evening. You will receive a review update on Sunday evening (CET).