Submissions for mobile apps for iOS are subject to approval by Apple's App Review team, as outlined in the SDK agreement, for basic reliability testing and other analysis, before being published on the App Store. Applications may still be distributed ad hoc if they are rejected, by the author manually submitting a request to Apple to license the application to individual iPhones, although Apple may withdraw the ability for authors to do this at a later date.
Non-disclosure agreements have always forbidden developers from publishing the content of their rejection notices, but Apple has now started labeling their rejection letters with an explicit non-disclosure warning. Apple later changed the NDA[how?] citing that "it has created too much of a burden on developers" but they did not reverse the decision to forbid publication of rejection notices. Some applications are not available outside region specific App Stores at the request of the developer.
In addition, Apple has removed software licensed under the GNU General Public License (GPL) from the App Store after complaints from one of the program's developers (the VLC media player), claiming that the App Store's terms of service are inconsistent with the GPL.
Applicants have been denied apps for fundamentally duplicating Apple apps, for example by providing an email interface with no added functionality or use, or having the same elements as the built in SMS app. Applications have also been rejected for duplicating the functionality of iTunes. Applications may be rejected if they are of only "limited utility". Some reports indicate that toolbars must be placed at the bottom of the screen, and the vibration function should only be used for alerts.
Launched in July 2008, the App Store averaged about $1 million in application sales a day in its first month of existence. To get applications into the App Store, developers were required to submit their app and wait for approval or rejection by Apple. Rejected apps were given feedback on the reason they were rejected so they could be modified and resubmitted.
The approval process for Apple has changed over time in terms of its feedback to developers and the time delay for apps to be approved. In July 2009, the application could take weeks. Apple streamlined the process at the end of 2009, and some apps were processed in a few days. In addition, in December 2009, the App Store began providing detailed feedback to developers on the approval process rather than simply showing "Waiting for Approval" and "Approved" or "Rejected".
Over time, requirements have evolved as trends have appeared in application development. For example, applications accessing the user's location for advertising were valid prior to the fall of 2009. After this point, apps were rejected that did not provide more robust user experience beyond simply using location data for advertising. Other requirements, such as using undocumented APIs, have always led to rejection.
In 2010, the iPad app approval process could have been lengthy, similar to the weeks experienced previously for iPhone applications. In June 2010, Steve Jobs at WWDC 2010 said 95% of apps were processed within 7 business days. According to Apple's developer portal as of 3 July 2014, 98% of new and updated apps were processed within 5 business days.
On September 9, 2010, Apple published official App Store Review Guidelines for developers. At this time several development restrictions were lifted and many developers of previously rejected applications were asked to resubmit their applications under the new guidelines. The App Review Guideline Document is a living document that Apple can change at any time. Essentially the guidelines are put in place to prevent problems with pornography, violence, legal issues, user experience, and other more specific guidelines in apps. Apple checks each app against these guidelines before approving it for sale and inclusion on the App Store.
Apps that get featured will get promoted by Apple within the App Store, typically within a specific app category. There are no specific guidelines for getting an app featured, but in some notable cases, app developers that gather feedback directly from Apple before releasing their app have indicated that this improves chances of getting featured.
In May 2009, Apple rejected the first version of 'Newspapers', an iPhone app that let users read content from 50+ newspapers around the world, including the New York Times, France's Le Monde, and the United Kingdom tabloid The Sun. The app was rejected because the topless "Page 3" girls daily features were described as "obscene". A second version of the application was submitted, removing access to The Sun, and adding a price tag of £0.59. The app was made available in the summer, after the release of the iPhone OS 3.0 software. Another application, of similar nature to 'Newspapers', called 'Eucalyptus' allowed users to download e-books to their iPhone, though was rejected by Apple because one of the e-books that could have been downloaded was the Kama Sutra. The ban has since been lifted.
We do believe we have a moral responsibility to keep porn off the iPhone ... Folks who want porn can buy an Android phone
We can't adapt European magazines to the standards of Utah.
The App Store has Playboy and Sports Illustrated adult-rated apps that have yet to be removed, while some apps by others were removed citing adult content which has resulted in accusations of hypocrisy. Despite this, adult sites continue to market for iPhone and iPad users. In November 2009, the application of Stern (a mainstream German weekly magazine with a print circulation of about 900,000) was deleted for several weeks without warning. In January 2010, Europe's largest newspaper, German tabloid Bild, removed content from the iPhone version of its print edition at the request of Apple, and later it had to modify one of its applications – like in the Stern case because of nudity. The Association of German Magazine Publishers (VDZ) warned that with such interventions Apple might be moving towards censorship.
The Guardian described rejection of explicit content by Apple as analogous to that of the distributor WHSmith, a main distributor which for many years imposed content restrictions on British publishers. Workers at the fashion magazine Dazed & Confused have nicknamed their iPad edition the "Iran edition".
In December 2009, Apple banned a cartoon app called NewsToons by cartoonist Mark Fiore, on the grounds that it "ridiculed public figures." In April 2010, Fiore won the Pulitzer prize for his political satire cartoons, making history as the very first internet-only cartoonist to win the prestigious journalistic prize. Following public outcry after the story broke in the wake of the award, Apple asked Fiore to resubmit his app, and it was subsequently accepted. Fiore said, "Sure, mine might get approved, but what about someone who hasn’t won a Pulitzer and who is maybe making a better political app than mine? Do you need some media frenzy to get an app approved that has political material?"
In April 2009, a game called Baby Shaker was approved for the App Store then later removed due to complaints. The game allowed the user to shake their phone in order to quiet a crying cartoon baby onscreen. The app was criticized for making light of shaken baby syndrome, a condition where shaking a baby results in severe brain injury.
In May 2009, Trent Reznor of Nine Inch Nails announced, via his Twitter account, that Apple had rejected an update to the Nine Inch Nails application due to "objectionable content". The developer posted a message on the Nine Inch Nails discussion boards explaining the situation further:
v1.0 is live. v1.0.3 got rejected due to content yet the app has no content in it. This was mainly a stability release to fix the bug that crashes the app for international users. The bug was fixed 24 hours after 1.0 went live and we have been waiting for Apple to approve it ever since. Meanwhile the app continues to get a growing number of 1 star ratings from international users understandably frustrated by the bug, "but looks like our hands are tied".
Apple later permitted the update.
In December 2009, Ted Lando's eBook app "Take Control of iPhone OS 3" was rejected by Apple. The app was not permitted back into the App Store until all references to jailbreaking were removed.
In August 2012, Josh Begley created a drone strike iPhone app that sent out a push notification whenever a US military drone aircraft struck a target. The app was rejected, Apple finding the content "objectionable and crude".
In September 2019, an anonymous developer submitted an app called HKmap.live to App Store, which is tracking police vehicles, armed officers and incidents in which people have been injured during 2019–20 Hong Kong protests. But Apple had rejected the app, and reversed its decision on October 4. People's Daily, the official media in China, has criticized Apple's action. On October 9, Apple announced that the app was removed.
All iOS App Store applications must support sandboxing and list all permissions required for the correct functionality. During the review process, each application is manually tested, and static analysis is run on its binary code.
In 2013, a test malware application, that was using dynamic code reassembly techniques and named "Jekyll" in reference to the Stevenson novella, was approved and released on the App Store. Apple claimed that unspecified changes were made to iOS in response to the attack.
In September 2015, infected programs were published for public download on the App Store. The malicious code had been embedded into Chinese legitimate software through a modified version of Xcode (see XcodeGhost). Some of the bigger applications that had the code were Angry Birds 2, CamCard, TinyDeal.com, among others. Apple confirmed the attack and stated to be working with the developers to make sure they were using the proper version of Xcode to rebuild the apps.
In October 2015, Apple also confirmed having removed applications from the App Store due to the privacy concerns. They commented that applications could be used to compromise SSL/TLS security solutions.