Apple’s upcoming iOS 17.4 iPhone update will bring a huge change for a subset of iPhone owners. For the first time, Apple is allowing users in Europe to download third-party app stores and install apps from sources other than the company’s official App Store.
But that change comes with some heavy security risks, as Apple highlights in a new white paper that outlines its plan for vetting these apps through a new procedure known as Notarization for iOS.
Apple is permitting third-party apps to be installed on the iPhone in Europe in order to comply with the European Union’s 2022 Digital Markets Act (DMA), which is meant to enforce fair and open competition in the tech sector. The company has also come under increased pressure to open iOS to alternate app stores in recent years following its high-profile legal battle with gaming giant Epic Games. The Fortnite maker sued Apple and Google over their respective app store policies that take up to a 30% from purchases made in apps and through their app marketplaces.
iOS 17.4 RC: Your iPhone Could Get These New Features Soon
Watch this: 10 Must-Try Hidden iOS 17 Features on Your iPhone
Apple has long argued that its App Store policies keep its users safe from malware and other digital threats. The new white paper reiterates that position while introducing guardrails meant to protect iPhone users downloading external apps, like the new Notarization for iOS vetting process.
The program uses automated and human reviews to check that third-party apps are “free of known malware and other security threats, generally functions as advertised, and doesn’t expose users to egregious fraud,” per the white paper’s description. The review also applies to every app update to prevent bad actors from slipping in malware later on. It’s an extension of the Notarization process Apple uses for its Mac software.
Notarization won’t be nearly as robust as the “nutrition label” of information in an App Store’s listing, since it notably lacks disclosures on content and in-app purchases. But it will still give users more context about the app by providing descriptions and screenshots before installing the app. If the app has been flagged for malware, Apple will strongly warn users before they launch it.
Anyone making a third-party app for iPhones will still have to sign up for the Apple Developer Program, which includes registering a legal name, phone number and address. In some cases, Apple will ask for further proof of identity, such as a government identification number.
Those signing up for the developer program must sign a license agreement requiring them to abide by local laws and avoid fraud. The policy also requires that their apps don’t spam or otherwise abuse users. If they violate the agreement, Apple terminates it and the app is blocked (though the developer is not). Apple noted that in 2022 the company terminated more than 400,000 developer accounts for fraud and prevented creation of over 100,000 other fraudulent accounts.
17 Hidden iOS 17 Features You Should Definitely Know About
See all photos
Ultimately, there’s only so much control Apple can exert outside the App Store. But Apple has made a baseline criteria for alternative app marketplaces that serve as guidelines to protect users. These include committing resources to monitoring for and pruning malicious apps and offering customer support. In the white paper, Apple acknowledges how much effort has been made in maintaining the App Store since it launched in 2008 and urges other storefronts to do the same.
While Apple will let developers accept payments outside the App Store, the company warns users that its financial protections won’t apply. These include easy subscription cancellation, parental controls like Ask to Buy and protections from getting charged a different amount than advertised. If users fall victim to predatory practices, “AppleCare agents will have limited (if any) ability to assist them,” the white paper says.
While Apple’s document includes its share of scare stories for users and developers — including a warning that alternative app marketplaces could host pirated apps stealing honest developers’ work — it’s also an acknowledgment that the EU’s new DMA rules are changing the rules of app access on mobile devices. But it’s also worth noting that it’s in Apple’s interest to keep people within the App Store, given it’s a key part of Apple’s lucrative services business. It’s unclear when or if other regions will get access to non-App Store apps, but this system provides a blueprint Apple could apply elsewhere.
Read the full article here
