Apple Rejecting Apps For Not Showing Ads


Note: Update posted, with the latest information on affected SDKs.

A spate of rejections greeted app developers Friday as Apple started to enforce an oft-overlooked clause in their developer license for apps. The clause affects apps that retrieve the user’s IDFA (Identifier for Advertiser) but show no ads inside the app. The clause states:


“You and Your Applications (and any third party with whom you have contracted to serve advertising) may use the Advertising Identifier, and any information obtained through the use of the Advertising Identifier, only for the purpose of serving advertising. If a user resets the Advertising Identifier, then You agree not to combine, correlate, link or otherwise associate, either directly or indirectly, the prior Advertising Identifier and any derived information with the reset Advertising Identifier.”

This seems straightforward, but the reality is that in advertising, it takes two to tango. There is the app showing the ads (the publisher) and the app being advertised (the advertiser). The publisher is allowed to access the IDFA, but the advertiser isn’t. However, most ad networks charge the advertiser only once the advertiser’s app is installed and run by the user (an arrangement called CPI or Cost Per Install). The industry standard method for ad networks to track this transaction is via matching the IDFA – which means the advertiser needs to access the IDFA and pass it to the ad network to track the install. So 99% of the advertiser apps today collect the IDFA and will likely run afoul of this rule.

The enforcement of this rule throws a big ugly wrench into the mobile advertising ecosystem. To make matters worse, Apple has systematically removed all other tools networks have to identify users like MAC address or UDID.

And it goes beyond advertising: many analytics and optimization services rely on the IDFA. Apps integrated with Mixpanel, for instance, have been rejected for collecting the IDFA, but Mixpanel’s default integration relies on this identifier.

Why is Apple doing this? They probably don’t like the fact that apps have been collecting and warehousing IDFAs to use for all sorts of purposes, from running retargeting campaigns to building user profiles. These broad tracking and targeting technologies may be seen by Apple as eroding end-user privacy.

When Apple introduced the IDFA, they included the ability for users to reset the identifier. But this is something a very small portion of users are aware of, and it seems Apple has decided they need to do more to prevent IDFA abuse.

As a side effect, this will push ad networks to a Cost Per Click (CPC) model and away from CPI – which is worse for the advertisers. (Publishers generally already get paid per click, ahem tap, or impression). Of course, it helps that Apple’s own ad network, iAd, is not affected by these restrictions. Advertisers who want to preserve their ability to run CPI campaigns may try to work around the new restrictions by adding a small amount of advertising to their app, but whether this will mollify Apple is unclear.

Doom and gloom aside, this doesn’t seriously impact Tapstream customers since our platform is engineered to use IDFA as a supplementary signal. Everything we do works without it, from conversion tracking to deferred deep links – all through our industry-leading fingerprinting solution. But to ensure your app doesn’t get flagged for rejection if you’re not running ads, check our note on IDFA collection in our iOS SDK documentation.

Update: We’ve posted an update with more information, including which SDKs are affected and what you need to do to avoid getting your app rejected.

Discussion over on Hacker News.