Apple and Google set new rules for mobile applications on the App Store and Google Play annually. Even if you are not a developer, as a business person whose business is strongly associated with an application or a mobile platform, you should review them. So, let’s see what restrictions and updates we will face within the app market in 2019.
It’s all about security
The issue of security has everyone abuzz. Globally, users are letting developers know that they want their private data to stay private. They want to complete security when carrying out any transaction or when signing agreements. They also want to be sure that the millions of operations they handle through their apps every day still keep them safe. So it’s no wonder that the latest app store requirements focus on improving privacy and security for all of us.
The new rules enhance privacy for the users and concentrate on limiting the sources that apps can address. Yet, the devil is in the details. Your app may not get to the store because the checking system considers some code lines inappropriate.
What changes should you bring to your app in 2019?
To help navigate these rules, we came up with a checklist to help you analyze whether your application requires an immediate upgrade. However, you can find the whole technical data on the official recourses of Android and iOS.
Android
- Since 2019, the applications that use foreground services should be requesting permission. Otherwise, the application will crash on Android 9 as well as later versions.
- To protect user privacy, Android restricts the apps access to the devices’ serial numbers without permission. Also important, the applications can no longer access the phone number or phone state without special permission. Therefore, the vendors that use the serial number or phone number for any needs will need to rethink their flow to prevent exclusion from the Google Store.
- According to the new rules, applications also can’t utilize insecure connections. If the applications leverage any insecure API’s, they must be explicitly set for specific domains.
- You should also keep an eye on how your applications utilize the web views. Since 2019, apps won’t be able to share a single WebView data directory among multiple processes. Mostly, this rule will influence data directories that store cookies, HTTP caches, and other persistent and temporary storage issues related to web browsing.
- Android no longer supports the Apache HTTP client. This means that applications can’t utilize HTTP instead of https.
- Since 2019, any files that users open in the web views must have proper extensions. Because of this, the new rules make it impossible to focus on invisible views.
- The UTF-8 decoding rules got stricter now to follow the Unicode standard. For vendors, this means that if your application utilizes difficult symbols or emojis, it will crash on Android 9 and later versions.
- New requirements also claim that idle apps can’t access the camera, microphone, and sensors. If the application tries to turn on the camera or microphone, the user will get a warning saying, “Your application is trying to spy on you”.
- Apps can no longer utilize non-SDK interfaces. Apps can’t access any specific non-SDK interfaces, whether directly, via JNI, or via reflection.
iOS
- To protect the children’s private data, Apple claims that starting in 2019 the apps intended for children cannot include third-party advertising or analytics software. Accordingly, kids’ applications cannot transmit data to third parties.
- For gamified apps, Apple restricts access to real money gaming, lotteries, or charitable donations. As of 2019, these applications cannot support digital commerce.
- New rules concentrate on the applications that leverage VPN, as they have access to sensitive data. The VPN applications are forbidden to sell, use or disclose any data to third parties. Vendors must commit to this in their privacy policy to prevent being banned from the App Store.
- As the MDM apps provide access to sensitive data, they cannot sell, use, or disclose to third parties any data for any purpose, and must commit to this in their privacy policy. MDM apps must request mobile device management capability and can only be offered by commercial enterprises such as business organizations, educational institutions, or government agencies.
- The requirements are also stricter for applications that deal with the user’s health or fitness data. Since 2019, apps can leverage user’s health data to provide benefit directly to the user. In other words, vendors can’t collect the user’s health data and share it with a third party.
- The App Store refuses requests from applications that compile information without the user’s explicit consent or that do not come directly from the user. Therefore, even if your app refers to public databases it can be banned on the App Store.
- Apps must get consent for data collection even if the data is considered anonymous at the time of collection or immediately after.
- Effective immediately, the App Store won’t accept demo videos of app functionality that are geo-locked or otherwise restricted. Developers must provide a fully functional app for review.
What should you do?
The best step you can take to safeguard yourself is to consider upgrading your system. If you do, you can be sure that your application won’t get pushed down in search rankings and won’t be wind up banned on app stores.
Whenever you need help analyzing your system, the DB Best development team will provide you all the necessary help and instructions. We will dig deep into your source code to modernize it and make it compliant for large market requirements. Contact DB Best to get a free consultation on how to upgrade your mobile application to keep it in the app store.
Through many years’ experience, we know that system upgrades are not the catastrophe they may seem for the system’s owners. It’s a great opportunity to fine-tune your application and make it even better and safer for your users.