Posted on 18. June 2021 by Jan Bunk
Apple and Google, which own the most popular app stores, are american companies. As they allow users from other countries than the USA to download your app, they are by law exporting the app.
To protect your users and to comply with Apple's guidelines, your app uses encryption. Specifically, it uses the 'HTTPS' protocol, which you might know from your own website. It enables encrypted communication with websites and should be used wherever possible for security reasons.
Even though it sounds weird, these two aspects together mean that Apple and Google are exporting encryption technology for you.
After you select a build in App Store Connect, it might ask you questions about your app and export compliance. Please pick the following options in the export compliance dialog:
From our research these are the correct answers when the app uses no special encryption aside from HTTPS.
We have found conflicting information on this topic, but Apple says you will need to submit a year-end self classification report to the US government. Failing to report the encryption correctly might lead to the termination of your Apple developer account. However I am not sure whether this has ever happened before and if Apple is in regular communication with the Bureau of Industry and Security about every app. In theory, every app on Apple's and Google's store that uses the internet would have to report to them. This would result in around 4 million emails to them every february.
I can't provide any legal advice or guarantee for any of the information on this topic, it's just my understanding of the situation.
He also provides a template row of the CSV file (can be created in spreadsheet programs) to send to the BIS:
App name, App SKU (Under App Information in App Store Connect), SELF, 5D992.c, MMKT, Mobility and mobile applications n.e.s., Your name, Your phone number, Your email, Your address, no, n/a
Just like you might analyze your website visitors' behaviour, you can do the same for your app users. Filter for app users and get actionable insights on how to improve your website and app.
How to generate keys & keystores and use them to sign your appbundle. Afterwards verify it and upload it to the Play Console.
Developer accounts are needed to publish your app. Find out how you can grant us access to yours in case you want us to help you with something.
Hi, I'm Jan! I created webtoapp.design in 2019 while studying computer science in university. A lot has changed since then - not only have I graduated, but it's also no longer just me running webtoapp.design. We've grown to a global, fully remote team and have gathered lots of experience around app development and app publishing. We've created and published hundreds of apps in the app stores, where they've been downloaded hundreds of thousands of times.