Hello guys,
There's an app that I work on that has been rejected by the App Review team in the past, because the app asked the users to enter their email address as part of the registration process, which violated the 17.2 rule :
Apps that require users to share personal information, such as email address and date of birth, in order to function will be rejected
We managed to solve the problem by explaining to the reviewer that our users must also be able to log onto our website, and email address was the obvious choice of a "shared" identifier between the platforms.
Now, I'm currently working on an app that will require users to register & authenticate themselves by asking for their email, and I fear that I will encounter the same issue with the App Review team ; only this time, my service won't be accessible via a website, so the aforementioned argument will not stand.
I couldn't help but notice that there's quite a number of apps that don't offer any functionality before their users register themselves by providing their email address ; some apps (games, for the most part) don't even have a registration process and require their users to own a Facebook account and login using FB Connect.
That brings some questions :
- It seems to me that there's a really thin line between the apps that ask their users to register using an email address and get rejected, and the ones that get approved. Is there a way to ask your users for their email addresses and still be sure to get your app approved ? Providing some "unlogged" basic features before asking the users to register maybe ?
- Do apps that require their users to login with their Facebook account always get approved ? That would seem really weird...
- Finally : is there some kind of a best practice to provide user registration & identification without asking them for an email ? I've been thinking about using identifierForVendor to skip the registration process (which would be even better), but I think that this identifier can be reset by the users in their privacy settings, which is kind of a deal breaker...
Unique usernames sure seems like a possibility, but I noticed that most people tend to forget their username once they log out or reinstall the app, and there's no way to implement a "lost account name / password" feature without having their email addresses.
Hope some of you will be able to enlighten me ! Thanks.
PS : By now you should have noticed that English isn't really my mother tongue, so please forgive my mistakes !