Apple has announced a series of significant changes to iOS, Safari, and the App Store to comply with the new Digital Markets Act (DMA) of the European Union. With changes that span the entire system and the way we access apps, let's review exactly how the landscape looks now in the European Union.
Changes in iOS: more options, but less security
The changes in iOS, the operating system of the iPhone, are focused primarily on supporting the changes coming to the App Store itself.
The first and most important change is that new avenues for the distribution of applications on iOS are being enabled, allowing developers to offer their products outside of the App Store. This means that the applications will not undergo the review process associated with being on the App Store, nor will they have to adhere to the security and privacy guidelines that Apple requires for apps in its store.
To counteract the new risks, Apple will implement several measures, including new protections and clear communication of potential threats to users. Specifically, Apple will do the following:
- Notarization of iOS apps: the same verification process that already occurs on the Mac, which will try to avoid risks related to platform integrity and user protection. The check will be both automatic and manual.
- Information about the apps: based on the notarization process, Apple will inform about the functionality of the applications before their download. This information complements what the developer may provide and will offer greater transparency about the app's functionality.
- Authorization for third-party stores: which will have to receive Apple's permission to offer applications on iOS, thus complying with the responsibilities this entails in terms of support, payments, claims, security, and privacy.
- Additional protections against malware: iOS will now prevent apps that are discovered using malware from running.
Along with this, Apple has introduced over 600 new APIs, allowing greater flexibility and new functionalities for applications. And it has also expanded the analytics available to developers, providing more detailed data on app usage.
Changes in Safari: default browser and alternative navigation engines
In the web browsing landscape, we also see significant changes summarized in these two points:
- Choice of default browser: when setting up a new iPhone and before being able to browse in any way—even to inform ourselves about the pros and cons of each browser—we will have to choose a default browser. As before, we can change the default browser later in the Settings app.
- Third-party navigation engines: if until now WebKit was the engine behind any browser on iOS, now, each browser will be able to use its own engine.
Changes in NFC Access: more payment apps besides Apple Pay
The Near Field Communication (NFC) technology also sees changes. Now, third-party applications will be able to use NFC technology to offer contactless payment services. Thus, banking apps and similar can be offered as an alternative to Apple Pay.
Changes in the App Store: external payments trying to reduce associated risks
We now come to the App Store. The epicenter of the changes, affecting all of Apple's operating systems. While we've seen changes in the operating system so far, here we're talking about the conditions of the store itself, as Apple has introduced several changes.
The first is that applications will now be able to use alternative payment services to those of the App Store itself. Thus, an app distributed through Apple's store can decide to charge us directly or send us to a payment gateway using third-party services. Similarly, applications will be able to link to an external website to collect our payment information there and charge for their services.
Of course, this entails various risks, and Apple's response to these is divided into several actions that seek to minimize them.
- The App Store will inform us about all the applications that have their own payment services.
- The system will warn us that transactions are no longer with Apple, so the protections and services we are accustomed to do not apply.
- Apple will have a new app review process to ensure that they communicate transaction information truthfully.
For applications that use an alternative payment processing, Apple will not be able to issue refunds and will have less capacity to support customers who encounter problems, scams, or fraud. App Store features like "Report a Problem," "Family Sharing," and "Ask to Buy"—for minors—will not reflect these transactions or be available.
Moreover, Apple reminds us, the fact that users have to share their payment information with other parties can create more opportunities for financial information theft. In the App Store and the iPhone's Settings app, the purchase history and subscription management will only reflect transactions made using the in-app purchase system of the App Store.
New conditions for Developers
Now, to support all the changes from a legal perspective, Apple has modified the conditions for developers, although they will still be able to use the App Store's secure payment processing and publish their applications on the App Store in the EU.
Under the new commercial terms, developers will have the option to distribute their iOS applications both through the App Store and in alternative app stores. In addition, they may opt to use alternative payment processors for their applications in the EU, offering them greater flexibility in managing transactions within the Apple ecosystem.
The new commercial terms include three key elements: a reduced commission in the App Store that varies between 10% for most developers and subscriptions after their first year and 17%, an additional fee of 3% for those who choose to use the App Store's payment processing, and a "Core Technology Fee" of 0.50 euros for each first annual installation that exceeds the threshold of 1 million.
Thus, developers can choose to stay in the App Store with reduced commissions and within the store can decide whether to use the store's payment services or those of third parties. Apps sold from third-party stores will not pay any commission or be able to use Apple's payment service. All apps that want to unroll in the new conditions, will pay the essential technologies fee. A fee, it should be noted, that Apple estimates less than 1% of App Store apps will pay due to its million-download threshold.
Security and risks introduced by the DMA
One of the most delicate aspects of the changes introduced by Apple in response to the DMA focuses on security, a fundamental pillar in the company's ecosystem. Despite efforts to adapt to the new regulations, significant concerns arise regarding Apple's ability to maintain its usual security standards:
- Opening the system to alternative applications and payment methods introduces new avenues for malware, scams, and other security threats.
- Although Apple implements measures such as app notarization and developer authorizations, the more open nature of the ecosystem decreases its ability to control and mitigate all risks.
- Applications that use alternative navigation engines or process payments outside of the App Store may compromise the user experience and expose users to additional risks.
With all this, Apple commits to informing users about potential risks, but the ultimate responsibility lies with users and developers to navigate this new and complicated environment cautiously.
The changes announced by Apple in response to the DMA mark a turning point in how the company operates within the European Union. These adjustments comply with the regulations but at the cost of new challenges in terms of security and privacy. We will see how the situation evolves in the long term and whether we have gained or lost with the change.
On Hanaringo | New Updates: iOS 17.3 is here with these 7 new features