Manage app information

Overview of export compliance

If your app uses, accesses, contains, implements, or incorporates encryption, and you intend to upload, test, and distribute your app through the App Store, you’ll need to determine your export compliance requirements in App Store Connect.

Examples of apps requiring an export compliance determination include, but aren’t limited to, apps that use:

Standard encryption algorithms.
Crypto functionality within Apple’s operating system.
Proprietary or non-standard encryption algorithms. The U.S. Government defines "non-standard cryptography" as any implementation of "cryptography" involving the incorporation or use of proprietary or unpublished cryptographic functionality, including encryption algorithms or protocols that have not been adopted or approved by a duly recognized international standards body(e.g., IEEE, IETF, ISO, ITU, ETSI, 3GPP, TIA, and GSMA) and have not otherwise been published.

It’s your responsibility to review the Export Administration Regulation to determine if your app’s use of encryption requires a formal classification (Commodity Classification Automated Tracking System or CCATS) from BIS. All liabilities associated with misinterpretation of the export regulations or claiming exemption inaccurately are your responsibility. To learn more about encryption export controls, visit the U.S. Department of Commerce Bureau of Industry and Security (BIS) website and search for encryption policy. The Government of France also controls the import and export of encryption apps distributed in France. The main items of control for France are Secure Storage, Secure Communications and Security Anti-Virus applications. Exemptions include Banking and Medical applications. For more information about these French controls, visit the Agence nationale de la sécurité des systèmes d’information (ANSSI) website.

When you submit a new version of your app, you’ll be required to answer questions in App Store Connect about your app's use of encryption. Follow the steps below before submitting your app to App Review to ensure that you’re submitting the right documentation and to bypass these questions if your app doesn’t use encryption.

Determine your Export Compliance requirements

App Store Connect provides a simple way for you to determine your export compliance requirements by presenting you with a set of questions about your app and where you plan to make it available. Proceed based on the scenarios below:

Scenario				Next Steps
No export compliance documentation required				Update your app’s information property list (Info.plist) file in Xcode so that you don’t need to answer encryption questions with each app submission.
Export compliance documentation required				Use App Store Connect to submit your export compliance documentation. Once the documentation is approved, attach it to your beta build or App Store build. Update your app’s information property list (Info.plist) file in Xcode so that you don’t need to answer encryption questions with each app submission.