Apple last week announced new rules for EU app developers to comply with the new Digital Markets Act (DMA). After being designated as a "gatekeeper", the EU required Apple to make changes to increase competition in the app industry, including providing new methods for downloading apps from outside the App Store, new frameworks and APIs, revised commission and fee structures, etc.
Developer reaction to the changes has been mixed, with some major companies, including Epic Games, Spotify and most recently Microsoft, speaking out against Apple's changes, which appear to be designed to ensure Apple can continue to make money from iPhone apps, regardless of how they are discovered and installed.
In EU countries, developers will receive lower commissions - 17% for digital transactions and services and 10% for developers who qualify for a small business discount (or a second-year subscription), but the company will continue to charge an additional 3% if it uses Apple's payment processing services.
At the same time, the company is implementing a core technology fee that Apple says pays for their use of Apple's proprietary technology and tools, developer services and support, and platform integrity. This fee applies to apps published on the AppStore and other marketplaces, with a charge of €0.50 per first installation exceeding 1 million per year.
In addition, Apple has also introduced more options, such as the ability to choose the default web browser, and for developers, you can also use NFC payment technology (supporting Apple Pay) for your own applications.
After reading the documentation provided by Apple and communicating with the company, there are some caveats and details developers should know about these rules. We'll organize them below as a starting point, and will add to this list over time as we learn more.
Apple will allow alternative app markets to compete with its own App Store, but Apple will still control which companies will be allowed to develop such apps. Apple said Market app developers will need to obtain a €1 million letter of credit from an A-rated financial institution to gain access to this right. The company said that only developers committed to protecting users will have access to new APIs needed to develop market applications, which is also a way for Apple to censor them. Apple believes that this restriction will ensure that malicious actors cannot engage in fraudulent activities in the market to the detriment of iPhone users.
Apps in the App Market can only be released from the developer's official website, not from the AppStore.
Personally developed applications (non-Market applications) cannot be published through the website. They must choose to publish on the AppStore or through a third-party marketplace.
Apps on the marketplace must pay a core technology fee with each install, while apps published through other marketplaces or the AppStore are free for the first 1 million installs each calendar year. This encourages individual developers to update their apps and release security fixes, even if the apps are not distributed through the App Store, but imposes an upfront cost on developers running App Store competitors. Apple noted that it has developed more than 600 new APIs as part of its efforts to enable the marketplace platform.
Non-profit organizations, government agencies, and educational institutions are exempt from the core technology fee.
Neither free apps, open source apps, nor free apps are exempt from the Core Technology Fee, which means free app developers shouldn't even be able to distribute under the EU's new terms because if their apps get more than 1 million installs per year, they'll have to pay Apple anyway. Apple believes the apps can still pay for the core technology because they are likely to make money through other means, such as advertising or physical goods. (In other words, Apple found a way to capture revenue from apps outside of in-app purchases and paid downloads!). Apple estimates that less than 1% of developers in the EU pay core technology fees. Developers don't have to pay this fee, though - it only applies to those who adopt the new terms for alternative distribution and payment processing.
Apple will prevent "install bombing" - where bad actors increase the number of installs of their apps by downloading a competitor's app on multiple devices. Apple said it will provide an install verification mechanism to ensure all installs come from genuine Apple devices, and will limit the number of first-time annual installs from a single device. If necessary, it may also terminate developer accounts for suspicious behavior.
Users can install multiple third-party app markets on their devices, but the marketplaces need to ask for permission from the user before they can start installing apps from these rival app stores.
Users will get new settings and controls to manage the new way apps are installed. This includes being able to see where an app was installed from (e.g. which third-party app store). A permission in Settings called "Allow Marketplaces from Developers" will let users choose which alternative app stores they wish to allow. Users can also revoke permissions from developers and manage default app markets in Settings if desired.
No matter how the application is published, it will be "notarized". This process means that the app will be given an installation key that will be used to install the app on the user's device. During this process, Apple also scans apps for viruses, malware, and other security threats. In addition, Apple will use human review to ensure that some content of the application is true, for example, whether the application does what it claims to do.
The notarization process does not include quality standards for App Store review, nor does it allow Apple to reject apps based on content. This means illegal content and pornographic content may be allowed.
If Apple detects malware in an app installed from a third-party app store, it will prevent it from launching. It remains to be seen whether Apple can reliably detect malware in apps installed outside of the App Store. However, Apple will not be responsible for chargebacks or the risk of fraud and abuse that occurs outside of its AppStore through third-party app marketplaces.
Notarized, Apple can show more details to users before they install the app, including the name, developer description (with screenshots) and age rating.
Apple is blocking developers' attempts to create alternative game stores, offering a new feature that will allow them to stream games in its App Store. Before this, each game had to be a separate app.
Developers must submit a binary for their app, whether it is published on the AppStore or another app market. This means that apps can only be installed from one App Store at a time, so if a user downloaded the App Store version, they will have to delete it to download a new non-App Store version.
While developers can choose to offer other payment processors in their App Store apps, they can't also offer Apple's own in-app payments (IAP). But they can switch back to IAP at any time.
After updating to iOS 17.4, when the user opens Safari on the device for the first time, the system will prompt the user to select the default browser application. The user can also manage the default application browser in iOS settings.
In the EU, browser app developers will be able to choose engines other than Safari's WebKit. Apple said it will bring WebKit technology to iOS to support "high-performance" alternative browsers. This includes just-in-time compilation, multi-process support, custom network sandboxing and Passkeys.
Browser app developers must adhere to industry-standard privacy and security practices, such as promptly addressing security vulnerabilities.
Developers will be able to offer NFC payments in their apps without using Apple Pay or Apple's Wallet app. This software solution is similar to the NFC payment methods that currently support alternative wallets on Android, enabling applications to access "field detection", which calls the user's default NFC application when the iPhone is near an NFC terminal.
Developers will be able to integrate third-party payments directly into their apps, or notify developers of available offers and promotions when making purchases on their website.
While developers can start using the Xcode 15.3 and iOS 17.4 betas released last week, Apple users in the EU won't be able to use the changes until March.
AppStoreConnect's 50 new reports will include metrics on: Engagement (such as the number of users who interact with an app on the App Store or share it with others); Commerce (downloads, sales, revenue, pre-orders, transactions using Apple's in-app purchase system); App Usage (crashes, active devices, installs, app deletions, etc.); and Framework Usage (an app's interaction with operating system processes such as PhotoPicker, Widgets, and CarPlay).
Developers will be allowed to share their app stores with other app market developers and third parties, including exporting a complete history of engagement, commerce and usage of their apps. More details on this will be announced in March.
Developers can choose between currently existing terms (such as commission structures) or new terms. However, if developers adopt Apple’s new EU Business Terms at any time, their EU apps will never be able to switch back to Apple’s existing Business Terms.