Does my app use encryption?

Posted on Aug 24, 2024

A note for myself as I keep researching this topic every couple of years. If your app uses CloudKit encryption, it does not count as something you need to declare in the App Store Connect.

Your app uses encryption limited to that within the Apple operating system

No documentation is required in App Store Connect.

– Apple
– Stack Overflow confirmation

App Store Connect questions

Does your app implement any encryption algorithms that are proprietary or not accepted as standards by international standard bodies (IEEE, IETF, ITU, etc.)?

Does your app implement any standard encryption algorithms instead of, or in addition to, using or accessing the encryption within Apple’s operating system?

You can avoid all these questions by modifying the Info.plist file.

<key>ITSAppUsesNonExemptEncryption</key>
<false/>

As my current understanding, the false value means you answering no to both questions.

HTTPS

From Stack Overflow, the US government changed the law and eased rules on mobile apps which use HTTPS. If your app uses HTTPS, you still should answer no to the both questions.