Search results for

5.1.1

400 results found

Post

Replies

Boosts

Views

Activity

Reply to About Account deletion when users use the Sign in with Apple
I also do not save the token obtained with apple Sign in on my app. I could start saving it and revoke it when the user wants to delete the account, the issue is I always get invalid_client error no matter what client ID I use in the request. This is the last part in the Apple reminder email. If your app offers Sign in with Apple, use the Sign in with Apple REST API to revoke user tokens. https://developer.apple.com/documentation/sign_in_with_apple/revoke_tokens#discussion Is this really necessary to pass the app review? The token as a validity of 1 day, and users are not going to create and delete an account in the same day I guess. It seems that this API isto be used when using sign in with apple on the web. Can someone at Apple provide some explanations? Upcoming Requirement Reminder Note: This is a support message regarding upcoming requirements that may be relevant for your app. Starting June 30, 2022, apps submitted to the App Store that support account creation must also include an option to initiate a
Topic: App & System Services SubTopic: General Tags:
May ’22
Offering account deletion in your app
Hello, I have an application that's been in the works, and I came across App Store Review Guideline 5.1.1(v), and I had some questions as it seems like many people do in this forum. I think my biggest questions is ow will Apple review the actual deletion of a user? Developers can implement soft deletes where the data cannot be accessed by anyone outside of those that have access to the database. This obviously isn't sufficient, but Apple wouldn't be able to tell the difference, at least from the api.
Topic: App Store Distribution & Marketing SubTopic: General Tags:
0
0
522
Jun ’22
revoke Apple Token Api, Always Return 200
I received the mail below. Starting June 30, 2022, apps submitted to the App Store that support account creation must also include an option to initiate account deletion. We noticed this app may support account creation. If it already offers account deletion or you’re working to implement it, we appreciate your efforts to follow the App Store Review Guidelines. Apps submitted after June 30 that do not comply with the account deletion requirements in guideline 5.1.1(v) will not pass review. https://appleid.apple.com/auth/revoke However, the revoke api is not working properly. Even if you throw an incorrect key value, 200 is always returned. Is the API working properly? What should I do?
Topic: App & System Services SubTopic: Core OS Tags:
7
0
4.2k
Jun ’22
how to transfer an app never released in App Store?
Apple has a recent policy [5.1.1(ix)] requiring medical apps like mine to be submitted by healthcare organizations, not individual physician programmers like me. I have an app I worked on for a couple months, loaded it to AppStoreConnect, sent it out on Test Flight, good feedback, ready to release. But cannot release as individual physician. So went to my employer healthcare organization. They'd be happy to publish my app. I now have credentials within their developers account. When I try to upload my same app (rebuilt with new certificates and identifiers for organization), I can't get it to upload because Apple flags my upload as copying someone else's material -- I suspect my own material! It sees that Cardiovascular Risk app submitted under my healthcare organization is just like my cardiovascular Risk app submitted also by me under my personal developers account! If the app were already approved at least once, I could transfer it. But since never approved for the App Store, I cannot use the Tran
Topic: App Store Distribution & Marketing SubTopic: App Store Connect Tags:
4
0
2.3k
Jun ’22
Legal - Privacy - Data Collection and Storage
Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage We found in our review that your app does not meet all of our requirements for apps that offer highly regulated services or handle sensitive user data. Specifically: The account that submits the app must be enrolled in the Apple Developer Program as an organization, and not as an individual. The guideline 5.1.1(ix) requirements give App Store users confidence that apps operating in highly regulated fields or that require sensitive user information are qualified to provide these services and will responsibly manage their data. Next Steps To resolve this issue, it would be appropriate to take the following steps: Your app must be submitted through an Apple Developer Program account enrolled as an organization. You may either enroll in a new Apple Developer Program account as an organization, or request that your individual account be converted to an organization account by contacting Apple Developer Support. Please note that you c
Topic: Privacy & Security SubTopic: General Tags:
2
0
1.4k
Jun ’22
Apple guideline on Offering account deletion in your app
As per Apple Store Review Guideline 5.1.1(iv), If your app supports account creation, you must also offer account deletion within the app. Here they have mentioned that “Deleting an account removes the account from the developer’s records, along with any data associated with the account that the developer isn’t legally required to maintain.” My question is - What all data comes under legally required to maintain term?
Topic: Privacy & Security SubTopic: General Tags:
1
0
580
Jul ’22
Reply to Regarding account deletion feature in our app
If you can create an account in the app, you need to be able to delete an account from the app too. Starting June 30, 2022, apps submitted to the App Store that support account creation must also let users initiate deletion of their account within the app. - from Offering account deletion in your app. The App Store Review Guidelines also state this is required in section 5.1.1(v), under Privacy > Data Collection and Storage > Account Sign-In. If your app supports account creation, you must also offer account deletion within the app.
Topic: App Store Distribution & Marketing SubTopic: App Review Tags:
Jul ’22
App Review Inefficiency
I am seriously taken aback by the efficiency of the App Review team. Jul 8, 2022 at 2:46 PM - We submitted our app on this date. Jul 9, 2022 at 10.47 AM - Our app was rejected due to 5.1.1 Legal - Data Collection and Storage. Jul 9, 2022 at 1.02 PM - I provided detailed information in relation to our business being in a highly regulated industry. Jul 13, 2022 at 8.22 AM - App Review Team replied stating that additional time is required to review. App Review status was changed to App In Review. Jul 13, 2022 at 8.36 AM - I received the same message that the issue previously identified requires our attention. Jul 13, 2022 at 1.42 PM - I replied again that information has been provided and it was confusing to have received another same App Rejection message. I contacted the App Review Team for assistance and was assured that my app will be reviewed. Jul 14, 2022 at 9.57 AM - App Review team replied that the team will continue the review and will notify if there are any further issues. 27 Jul, 2022 at 3.1
Topic: App Store Distribution & Marketing SubTopic: App Review Tags:
1
0
531
Jul ’22
Is there a way pass the app review with a customizable game?
Hello. We are making mobile games but our business model is a little bit different and this difference creates us problems during the app review process. The games we make are customizable(not directly by user but by with the data provided by the user). There is a base game and we change the game visuals, texts, musics etc. for each user with the data they provide during the sale. We take and process that data and each user can only access the game assets created from the data they sent us. Right now my app(And all my future apps) is getting rejected because of the following guidelines: Guideline 2.5.2 - Performance - Software Requirements During review, your app downloaded code that changes your app’s behavior or functionality for each users, which is not permitted on the App Store. (Which is basically the main idea behind our project) Guideline 4.0 - Design We noticed that the user is taken to the default web browser to sign in or register for an account, which provides a poor user experience. Guideline 5.1.1
Topic: App Store Distribution & Marketing SubTopic: App Store Connect Tags:
1
0
865
Aug ’22
Adding Account Deletion feature to the Mobile App
I am having a mobile app that does not have any account creation feature for the customer. Customers can log in to the app using their email ID and Verification code received through email or SMS. The Account of the customer is either created or imported by a different web-based application into the system. Does my mobile app which is not supporting the account creation of customers need to have the Account deletion feature? App Store Review Guideline 5.1.1(ix)
Topic: App Store Distribution & Marketing SubTopic: App Review Tags:
0
0
293
Sep ’22
Reply to How to delete a passkey
I understand that a user can delete their own Passkey through Settings, but guideline 5.1.1(v) dictates apps that support account creation must let users initiate deletion of their account within the app. As Passkeys, and thus an account, can be generated from within the app - the requirement here means we need to be able to delete them from within the app too. This means programmatically - with validation to ensure we can only delete our own passkeys, and indeed ensuring that the user wants to delete it (with a modal). Also, with the ability to delete a passkey (and presumably their only way of accessing their account) outside of the app, it leads us with orphaned accounts. Accounts which exist on the server but the user cannot access. What is the best pattern here?
Topic: Privacy & Security SubTopic: General Tags:
Sep ’22
5.1.1 account deletion issue: what is a highly regulated industry?
Hello, I'm posting about a 5.1.1 compliance issue with account deletion. The issue I am running into is that we use a customer service flow (email) to initiate account deletion. Now, it is not explicitly stated that email cannot be used in the 5.1.1 Guideline, but in a linked FAQ which states that only Apps in highly regulated industries, as described in App Store Review Guideline 5.1.1(ix), may use additional customer service flows to confirm and facilitate the account deletion process. However, 5.1.1(ix) does not list what a highly regulated industry is, or how it can be determined. It just lists some examples: Apps that provide services in highly regulated fields (such as banking and financial services, healthcare, gambling, legal cannabis use, and air travel). If the industry your app is used in, is not one listed in these examples, but is still considered to be highly regulated, what do you need to provide to show it is a highly regulated industry? What qualifies an in
Topic: App Store Distribution & Marketing SubTopic: App Review Tags:
3
0
2.4k
Sep ’22
5.1.1 Data Collection and Storage (v) Account Sign-In
Hi everyone, I would like to publish an app that I am rejected because it is account based. I need the user to register for statistical purposes. In addition, the user can comment, like and set favorite content. Is it possible that this is not enough? If your app doesn't include significant account-based features, let people use it without a login. Isn't this enough to be significant? the core of the app is precisely that of collecting statistical data by monitoring the user's position while watching content corresponding to works of art. Isn't a privacy policy enough to explain why the user has to register? I don't want an access without registration. Do you have any suggestions?
Topic: App & System Services SubTopic: Core OS Tags:
0
0
362
Sep ’22