Apple begrudgingly allows app sideloading, third-party app stores — bemoans security risks in official announcement as tech giant bows to EU regulations

Apple and the European Union have somewhat of a sordid history. Just recently, new regulations in the EU forced Apple to do away with the Lightning port on its iPhone 15 series in favour of USB Type-C. More recently, though, the EU's Digital Markets Act has forced Apple to allow users to sideload apps and install apps from third-party app stores.

Apple has announced that, going forward, it will allow developers in the EU to distribute their apps on alternative app stores and marketplaces, as well as use other browser engines for browsers on iOS devices. Additionally, Apple is introducing a Device Interoperability Request form to “request additional interoperability with hardware and software features built into iPhone and iOS.”

As part of the effort to comply with the EU's DMA, Apple claims it had to create over 600 new APIs. Apple bemoans this new-found compatibility every step of the way, making sure to mention numerous times throughout the announcement that the new interoperability and marketplace freedoms come with significant security risks.

The new options for processing payments and downloading apps on iOS open new avenues for malware, fraud and scams, illicit and harmful content, and other privacy and security threats.

There's a caveat to all this new freedom, however. As was leaked earlier this week, Apple will still police app installs from third-party markets for security purposes, and, in some cases, it will charge fees for apps installed via third-party app stores.

That’s why Apple is introducing protections — including Notarization for iOS apps, an authorization for marketplace developers, and disclosures on alternative payments — to reduce risks and deliver the best, most secure experience possible for users in the EU. Even with these safeguards in place, many risks remain.

Notarization for iOS apps — a baseline review that applies to all apps, regardless of their distribution channel, focused on platform integrity and protecting users. Notarization involves a combination of automated checks and human review.

Apple is also changing its app development pricing structure by reducing the cut it takes on App Store purchases and subscriptions to 10%, and 17% for digital goods and services. Additionally, instead of only charging for apps installed via the official App Store, like Google does with the Play Store, Apple is introducing a Core Technology Fee in the EU, which also applies to third-party app stores. Developers will now pay €0.50 for each “annual first install per year over a 1 million threshold.”

With this change to the way Apple charges for apps installed on its devices, Apple still generates revenue on all apps installed on its devices, regardless of the app's origin or distribution channel. This Core Technology Fee also seems to apply to free apps, which is a big change from the previous model. To help developers understand more about the fees they can expect to pay, Apple has published a fee calculator tool on its support site.

Throughout the announcement, Apple blames the DMA's forced compatibility for “a less intuitive user experience.” and reduced safety overall. When talking about selecting a default web browser the first time users open Safari, Apple says that the change “means that EU users will be confronted with a list of default browsers before they have the opportunity to understand the options available to them,” further stating that this selection screen is an interruption to the user experience.

It remains to be seen how the EU's regulatory bodies respond to Apple's announced changes. Apple has had a long time to prepare these changes, so it's likely that they will pass EU scrutiny, even though the way Apple has implemented the changes isn't quite in the spirit of the EU's DMA laws. These changes to the way Apple handles app installation and gatekeeping also only apply in the EU, so US Apple users are still restricted to the WebKit browser engine and the default App Store.

The changes to iOS will be implemented in March 2024, when we will get a good look at how much the user experience is actually disrupted and how much of Apple's complaining is warranted.

Check out the Google Pixel 8 Pro or pre-order the Samsung Galaxy S24 Ultra on Amazon.