Apple is set to release iOS 17.4 to the public next week with a major update for EU users that allows third-party app stores and more. Now ahead of the Digital Markets Act going into effect, Apple has shared the most up-to-date and comprehensive resource about all the changes and its approach and “efforts to protect user security and privacy in the European Union.”
We learned back in January that Apple would be opening up iOS to third-party app stores in the EU for the first time due to the Digital Markets Act (DMA). Other changes include a new commission structure, third-party default web browsers, and more.
Ahead of iOS 17.4 launching for the public with all the major updates in the EU, Apple has published a 60-page whitepaper covering everything that’s changing. It includes details on all the ways it’s working to ensure security and privacy, but highlights:
These safeguards will help keep EU users’ iPhone experience as secure, privacy-
protecting, and safe as possible—although not to the same degree as in the rest
of the world.
Apple says that its “highest priority is to make great products that enrich our users’
lives around the world” and that protecting users with strong security, privacy, and safety features is a fundamental value.
When it comes to the changes needed to meet the DMA’s requirements, Apple says it built “over 600 new APIs and developer tools.”
Apple says the safeguards it’s put in place for app distribution apply no matter where a developer sells the iOS app, with iOS notarization being a big update that includes both automated and human reviews.
One of Apple’s concerns is that new third-party app stores in the EU are “new and lucrative markets for malicious actors.”
Malicious actors have long struggled to gain access to iPhone because of its best-in-class security and privacy protections. Apple’s integrated approach to platform security has put the iOS ecosystem out of the reach of commodity malware—in fact, cybercriminals have never succeeded in getting a single widespread consumer malware attack on iOS. They have learned that Apple’s integrated approach to platform security makes most malware infection attempts a lost cause. The production and distribution of malicious software requires significant resources, and iPhone’s strong defenses have prevented these efforts from seeing meaningful return on investment, further lowering the device’s attractiveness as a target.
When it comes to alternative app store payment options, Apple warns about the loss of safety and security features built into its App Store:
To support the changes we’ve announced to comply with the DMA, we are also introducing the ability for developers in the App Store to use alternative payment options to complete transactions for digital goods and services within their apps in the EU. This opens up new options for developers, but it also means users of those apps will not have the same protections and benefits they have come to rely on through Apple’s private and secure commerce system, including In-App Purchase (IAP)—such as easy subscription cancellation, a centralized purchase history page, parental controls like Ask to Buy, or protections from predatory tactics like those that aim to trick users into paying a different amount for a digital good than advertised. The burden will fall on users to figure out for themselves, on an app-by-app basis, what benefits and protections might be available to them—and who they should contact for help when transactions go wrong, as AppleCare agents will have limited (if any) ability to assist them.
As we previously covered, other changes to protect and inform EU users with iOS 17.4 will include
- App Store product page labels — that inform users when an app they’re downloading uses alternative payment processing.
- In-app disclosure sheets — that let users know when they are no longer transacting with Apple, and when a developer is directing them to transact using an alternative payment processor.
- Expanded data portability on Apple’s Data & Privacy site — where EU users can retrieve new data about their usage of the App Store and export it to an authorized third party.
Apple believes that the work it’s done to comply with the DMA and protect users “will continue to make iPhone the most secure, most privacy-protecting, and safest smartphone available in the European Union today-giving users the great product they expect from Apple.”
But Apple believes that it’s not as safe as the iPhone experience for users everywhere else in the world.
Check out the full whitepaper here.
FTC: We use income earning auto affiliate links. More.