Archive for March 13, 2024

Wednesday, March 13, 2024

DMA Compliance: Web Distribution of iOS Apps in EU

Apple (MacRumors, 9To5Mac, Hacker News, Slashdot):

Web Distribution, available with a software update later this spring, will let authorized developers distribute their iOS apps to EU users directly from a website owned by the developer. Apple will provide authorized developers access to APIs that facilitate the distribution of their apps from the web, integrate with system functionality, back up and restore users’ apps, and more.


Apps offered through Web Distribution must meet Notarization requirements to protect platform integrity, like all iOS apps, and can only be installed from a website domain that the developer has registered in App Store Connect.


If you’re interested in using Web Distribution, please review the requirements to qualify. Later this spring, the Account Holder of your Apple Developer Program membership can request access for Web Distribution.


Be enrolled in the Apple Developer Program as an organization incorporated, domiciled, and or registered in the EU (or have a subsidiary legal entity incorporated, domiciled, and or registered in the EU that’s listed in App Store Connect).


Be a member of good standing in the Apple Developer Program for two continuous years or more, and have an app that had more than one million first annual installs on iOS in the EU in the prior calendar year.

I see this as potentially more attractive than App Marketplaces because you don’t have to depend on another middleman. But it’s far from true sideloading. Most developers will not even be eligible, and you still have to pay the Core Technology Fee (CTF).

Benjamin Mayo:

The rules as originally written were specifically orchestrated by Apple to offer “sideloading” without offering sideloading. The rules prevented the obvious, straightforward, approach of letting a developer host a binary on their website for users to download directly to their device. Instead, A developer wanting to offer their software outside of the App Store was forced to partner with an intermediary, an alternative app marketplace in which to list their app, and then would have to somehow explain to their customers how to install said marketplace in order to install said app. It induced business relationships and a whole bunch of complexity that didn’t really have a justification to exist other than frustrating the process.

Tom Warren:

That’s a lot of hoops for developers to jump through, and it appears that Apple is limiting this to big developers only thanks to the 1 million installs requirement. Having a good standing developer account for two years may also rule Epic Games out of this particular distribution method.


Let’s list the additional changes that would make this offer something less than sideloading but still ultimately be somewhat palatable.

Steve Troughton-Smith:

It looks like Apple is rapidly finding out all the ‘and/or’s in the DMA were ‘ands’ not ‘ors’. Apple had bet their entire compliance plan on those being ‘ors’.

It seems like they’ve been working on this for a while but hoped they wouldn’t have to ship it.

Jason Snell:

Apple suggested that it made these changes after consultation with developers, which, okay, sure. But let’s be clear: this is very obviously the result of European regulators nudging Apple and telling the company that it hadn’t gone far enough and wasn’t honoring the spirit of the DMA.

And now we can fully see Apple’s strategy of incremental compliance, brought into action: The company announced the minimum possible and then waited to be told what else it needed to do. Now it will begin modifying those policies, as required, in order to satisfy regulators while still doing the minimum required of it, presumably hoping that it won’t get nudged by the regulators all that often.

Dave Wood:

The funny thing here is that for nearly 2 decades, Apple has driven the cost of apps down to pretty much zero. Normal users don’t want to pay for apps, and expect them to all be free. But now Apple wants to charge developers €0.50 per install!

Dan Moren:

These rules also mean that many small and independent developers likely won’t be able to opt in to web distribution—that one million threshold is still pretty high. Do those shops deserve to be restricted from developing their apps on the web?

Sarah Reichelt:

I’m not in the EU but I’m hoping for side-loading everywhere for distribution of in-house apps. This one million installs is a ridiculous requirement.

Thomas Clement:

So still not possible to make a small app and share it with friends and family :(

David Meyer (via Hacker News):

The EU’s Digital Markets Act has been in place for less than five days, and its enforcers have already pushed Apple into two humiliating U-turns. If Apple has been trying to test how much it can throw its weight around in its increasingly hilarious hissy fit over the new Big Tech antitrust law, it’s had its answer now.

Michael Love:

The requirements around this are onerous, but I actually view it as a positive sign because now instead of requiring Apple to allow sideloading and having Apple hem and haw about how tricky that is, the EU just has to tell Apple to drop the minimum download count and fee.

And the whole business about requiring at least 1M installs but then charging you after 1M installs is clearly designed to both lock out smaller developers and make this financially onerous for big ones, so I’m hopeful they do make those adjustments (and in the meantime am going to start paperwork on an EU subsidiary).

Steve Troughton-Smith:

Apple’s new clutch at malicious compliance is its requirement to “Be a member of good standing […] for two continuous years or more, and have an app that had more than one million first annual installs on iOS in the EU in the prior calendar year.”, which it has applied to web-based sideloading.

I’m sorry Apple, but my rights under the DMA don’t disappear if I have less than a million EU users on the App Store, or if I have an ‘individual’ developer account. This restriction simply won’t work.

Drew McCormack:

One thing you can say for sure about Steve Jobs is that he loved to keep things simple. 30% tax on sales. Apps, books. Simple. The latest efforts to handle DMA would make him squirm. You seriously need a decision tree to understand all the options.


Update (2024-03-14): xroissance:

It takes 15 clicks to install an app from the web using the newly proposed Apple flow. Here’s the journey[…]


I’m amazed how Apple has intricately woven 15 actions into what appears as two straightforward sentences. The complexity hidden within simplicity often goes unnoticed.

John Gruber:

The eligibility requirement of having an app with over 1 million annual installations in the EU is a high barrier. The intention, obviously, is to limit web distribution to ostensibly trustworthy developers. But it’s sort of a catch-22: the entire feature is by definition intended for developers who want to distribute their apps outside Apple’s App Store (or anyone else’s EU app marketplace) — but the only way to qualify is to have at least one very popular app in the App Store or an app marketplace.

If this change is at the behest of the EC, via back-channel feedback, the EC is seemingly only concerned with large developers. And to me it makes no sense that this change — a huge one — came from anywhere but back-channel communications with the EC.


That it will only be available to longstanding developers with at least one million-EU-downloads app may well be completely compatible with the DMA. There’s nothing at all in the DMA about the interests of small or indie developers.


So my gut feeling is that we’re seeing Apple adopt changes in response to unofficial feedback from the EC. If so, that suggests that the things Apple isn’t changing — like the Core Technology Fee — are either OK with the EC, or, if not, that Apple is willing to fight for them.

Riley Testut :

IMO the funniest thing about these Web Distribution requirements is that I’m not eligible to distribute @delta this way…but I AM eligible to distribute an entire app store

Mark Meador:

When Apple said sideloading would lead to a bad user experience, it apparently meant that it would make it a bad user experience.

Tim Sweeney:

Compare this freak show of executive-mandated bad design to the App Store, where amazing designers make installs as easy as possible.


If developers are scared into silence while Apple and Google have literally hundreds of lobbyists employed by dozens of front organizations secretly advocating for their positions and giving money to political candidates, how do smartphone users and app developers have a chance?

David Barnard:

I genuinely think it’s lost on Apple just how scared developers are of them and of App Review. And then how that shapes the entire mobile app industry.

Downie’s Anti-Piracy Scare Tactic

dario (Reddit):

It is being reported on Reddit that Downie 4 (a video downloader app developed by Charlie Monroe Software) contains code for a popup that claims to have deleted random files on the computer as a ‘punishment’ for allegedly using a pirated/cracked version.

Here’s what it looked like.

Charlie Monroe (tweet):

During this time, I was receiving reports from people running cracked versions of my apps and it was hurtful to me and my efforts. I’ve always tried to contact those users and try to convince them to use a genuine version. Many of such users do not see the effort behind the development and that it is (in the early years) matter of survival for the company.

There were, however, users running cracked versions of Downie that used fake email addresses for their reports and even included insults in their messages. Unfortunately, my mind came up with the idea that Downie would include a list these email addresses and would show a message to these users. In what you can call lack of judgement, I’ve included a message that suggested that Downie may have deleted random files, appended with a “Or am I kidding?” question. It was meant in jest (though it was very irresponsible of me) – I would never dare touch the user’s files, no matter whether genuine or cracked version. This is a line I would never cross, whether you believe it or not.

Years have gone by and I haven’t touched this code with this message in many many years now. It was a mistake ever adding it, but it was there and I simply did not think about it anymore. If a thief keeps passing your house and you set up a booby trap and the thief stops coming around, it is entirely possible that you just forget to remove the booby trap until a visiting friend falls in.

Unfortunately, one user entered the email address into Downie as their email address. This email address was used in one such fake-email report. This user, however, was using a genuine version, but unfortunately, the booby trap was triggered.

Piracy is a real problem. Not only do you lose revenue (some would never pay, but some would), but part of your limited time is spent troubleshooting with users who will not pay and whose support issue may in fact have been caused by whatever was done to crack the app. On the other hand, any kind of countermeasure could accidentally ensnare a genuine customer. I believe Downie’s developer that no actual harm was ever intended, but obviously even empty threats (or jokes that might be interpreted as such) are a mistake.


Most Subscriptions Apps Do Not Make Money

Hartley Charlton (Mastodon):

The “State of Subscription Apps” report comes from RevenueCat (via TechCrunch), a prominent mobile subscription toolkit provider. With nearly 30,000 apps utilizing its platform for monetization management, RevenueCat is able to provide a reliable overview of the subscription app landscape thanks to its data collection capabilities. The analysis delves into data from over 29,000 apps and 18,000 developers, collectively responsible for more than $6.7 billion in revenue and over 290 million subscribers.

RevenueCat found that while the top-performing 5% of subscription apps amass revenue 200 times greater than those in the bottom quartile, the median monthly revenue for apps after one year is less than $50. Only 17.2% of apps cross the $1,000 monthly revenue mark.

Paul Haddad:

Pretty sure “most app do not make money”, is also a valid headline.

Ben Sandofsky:

When I read “17% of subscriptions apps make > $1,000 a month,” I just assumed that pay-once apps are at 1%.

Nick Lockwood:

consumers have some amazing misconceptions about how software is made. I’ve seen several reviews for mobile apps over the years that claimed that since Apple/Google pay the developers to make apps anyway (?) they should be free for end users

Christian Tietze (Mastodon):

That got me thinking – my family doesn’t quite understand that I’m creating apps for e.g. Apple platforms without being an Apple employee, either.

Randy Saldinger:

Even as someone who gives software away for free, I still get comments from users who take umbrage when I don’t want to add a feature they ask for, “after I paid all that money to Apple.” It’s not often stated that clearly, but the subtext is often there.

This misconception certainly isn’t helped by Apple’s framing of App Store updates at WWDC. “Apple has paid developers 70 billion dollars!” Not “developers have earned 70 billion dollars selling on the App Store.” Not “developers have earned 100 billion dollars and Apple scraped 30 billion off the top.” But “Apple has PAID developers.”


Update (2024-03-14): Sebastian Aaltonen:

Yeah. Technically Apple is handling the billing, but billing is not equal to making money. You don’t say that Mastercard is making your money either.

The devs are making the money and devs are paying Apple 30% cut. That’s what’s really happening.