Best practices to avoid being removed from the Apple App Store

For any app developer, developing a top-ranking app on Apple’s App Store would be a career highlight. Yet thanks to Apple doubling down on user privacy, even popular apps like Facebook have been taken offline. For developers, it’s increasingly important to stay abreast of rapidly-changing privacy, compliance and policy changes to avoid a similar fate -the dreaded app store removal.

Ben Wald, co-founder, and VP of Solutions Implementation at Very, shares insight on how developers can stay on top of evolving policy updates, a key factor in avoiding being thrown out. We recently had a discussion with Ben to discuss best practices on how to build apps that can respond quickly to these security updates, and how to create innovative apps that delicately balance the experience for end users, while also protecting their privacy.

ADM: What are the biggest technology opportunities with app development?

Wald: Users expect frequent product releases and feature upgrades, putting a great deal of pressure on app developers to continually innovate on the design and functionality of their applications. Not only must apps work flawlessly, but they must also delight users to truly stand out from the crowd. This requires app developers to work with agility, regularly releasing features and proactively responding to user feedback.

ADM: What are the chief considerations when working with customers to develop apps?

Wald: It’s important to identify the most critical features as early as possible. Most customers come with a wish list of every feature they want in their app. We use a process called “needs, wants, desires” to prioritize features. During this process, we work together to create an exhaustive list of user-facing features, necessary administrative functionality, and general platform foundations.

The session starts with everyone creating cards, in person or virtually, and placing them where they feel the cards fall in priority. The three choices are:

• Needs: Must have, a top priority
• Wants: Nice to have
• Desires: Would love to have someday
   

Once everyone has completed the first task, we process every card as a group. This is where it's critical that all stakeholders are collaborating. We need to meld the viewpoints of engineers, designers, domain experts, and product owners. We'll reorganize everything, write new cards as needed, throw cards away and ultimately end with a high-level roadmap for the project.

These cards will eventually turn into our product roadmap. For this activity, the goal is to determine which features are critical to the business and customers, and this helps us start thinking about how to define the Minimal Viable Product.

ADM: What do you see as obstacles in the industry for app developers?

Wald: Developers need to work diligently to ensure that only the most critical features are developed so that they can pour their energy into producing a functioning product with an amazing user experience. Facebook used to have the motto, “move fast and break things.” It meant that new features and tools might not be perfect, but that creation speed was key, even if there were some slips along the way. Those days are quickly coming to an end, and in fact, Facebook’s new motto is “move fast with stable infra.” Facebook is just one example of a development organization that has changed its tune and become more pragmatic. Today, all features should support the primary purpose of that product and try to avoid much else to keep technical debt to a minimum and reduce the surface area for possible defects in the long run.

ADM: Explain the issues app developers run into with compliance.

Wald: The explosion of user data has given way to a new era of app development. Now, applications can customize in-app experiences user-by-user, an idea that would’ve seemed far-fetched just five years ago. However, applications that store and manage large amounts of user information or behavior tracking need to be very careful with how that is used and shared. As users are becoming more and more concerned with their privacy, Apple and others are responding aggressively, requiring that developers be transparent when usage data is being collected and issuing 24-hour takedown notices to violators.

For app developers, this means that many apps could be in risk of removal from the App Store, thanks to Apple’s stringent 24-hour turnaround privacy and compliance policy. Simply put, launching an app isn’t a ‘set it and forget it’ process - rather, developers must focus on the core steps needed to ensure proper compliance and updates as Apple rapidly deploys policy changes.

ADM: How do you balance out the need for data to personalize information for the user and privacy concerns?

Wald: A good rule of thumb is to only collect the minimum amount of information necessary in order to achieve the primary job of the application. This varies widely by application. Companies like Amazon and Facebook rely on this ability to personalize as part of their competitive advantage and have a deep history of your engagement their product over many years. Amazon’s use case could be thought of as the ideal scenario, where all personalization can be gained through users interacting directly with your product. Facebook, on the other hand, is able to collect and monitor your general internet activity, even outside of their platform, due to their deep integration with their advertising partners. This is, in my opinion, more of a grey area, particularly as users don’t really understand what information they are providing Facebook and how it is being used.

When collecting personal information, do it in a way that is intuitive to the user, less so through aggregation and mining for data from your platform. Of course, if your monetization strategy involves selling user information in any way, be sure to consult your legal team before proceeding.

ADM: What are the main differences between apps that use CICD (continuous integration and continuous delivery) with ones that don’t?

Wald: The biggest benefit of an app using CICD is its ability to respond to changing requirements and to ship updates as quickly as possible. This results in superior user experience and a more stable product by being able to adjust quickly to users’ issues and feedback. The term “continuous delivery” means that the product is essentially always in production; any changes are immediately committed, and the software is continuously evolving gradually. Continuous delivery is a trendy practice among many development firms, and has been associated with benefits including faster time to market and higher-quality software.

ADM: With the threat of being removed from the App Store, do you think this prompts app developers to be more reactive or to learn to become more proactive to become compliant?

Wald: The best developers will become more proactive. Apple has built an incredible ecosystem by setting a high bar for both privacy and user experience. While this is frustrating at times, especially when getting an app across the finish line, we are lucky to have consumer advocates like Apple in this industry.

ADM: How do you see Apple’s privacy policies evolving for apps?

Wald: I believe that as Apple continues to become stricter in its policies and standards, its consumers will appreciate it. It honestly is a huge competitive differentiator against Google / Android.

ADM: You focus on IoT app development, although have had experience with building other types of applications and platforms in the past. What are the key differences in building IoT apps versus others?

Wald: When building IoT applications, you’ll face several large hurdles that you don’t need to think about when building other kinds of apps. The first consideration is the hardware itself. Often hardware and software are being developed at the same time, so you need to be able to build and test prototypes of the hardware and software simultaneously. As the hardware requirements evolve, the software must adapt to things like different methods of connectivity, such as Bluetooth vs. WiFi, changing chipsets, etc.

On top of that, hardware/software interactions also often behave very differently in test environments than they do in the “real world.” The real world is chaotic, and human behavior is unpredictable. The rate at which your hardware will deteriorate is unknown. Thermodynamics and the impact it will have on internal hardware components is hard to predict or account for. All of these things make the development of IoT applications immensely more complicated than other types of applications.

ADM: As an IoT design and development-focused firm, what advice would you give to companies looking to bring on resources to help build a new IoT application?

Wald: You'll want a firm with a proven track record of launching IoT solutions and the technical chops to get the job done. Firms with expertise in both software development and electrical/mechanical engineering have a distinct edge and will be able to deliver a complete IoT solution faster than their competitors.

Another factor is your preference for communication styles. Some companies prefer to take a hands-off approach until the project is completed. Other clients prefer to have check-ins and reassurances at regular intervals from their IoT partner. Taking a more proactive, involved role when communicating is usually preferable because it allows the terms of the project to fluidly change in order to meet the client’s needs

In addition to similar communication styles, you should also look for IoT partners that work in the same way that your company does. For example, what is the typical length of a sprint during their software development process? Does the team practice continuous delivery, or do they follow long release cycles like in the traditional waterfall model?

No matter who you select as an IoT partner, they should have a strong culture built up around automated testing and software quality. This often goes hand-in-hand with continuous delivery. As your application grows and becomes more complex, it becomes increasingly difficult to tell whether you’ll break something when changing even a single line of code. At Very, we build in-depth automated testing suites that are run whenever we make changes to the software. The outcomes of these tests let us know immediately if we’ve inadvertently introduced a bug or error.

ADM: Where do you see app development evolving in the next 12-24 months?

Wald: IoT-enabled applications will continue to become more commonplace, and consumer expectations for these applications will be high. General consumers are beginning to ask, shouldn’t this be connected? Why can’t I control this smart device from my phone? Similarly, industrial use cases are exploding - from inventory management to real-time analytics on power systems - making it no longer acceptable for critical aspects of your business to be offline. If your company is having to wait for days rather than hours for mission-critical intelligence, you will be left behind by your competitors.

Finally, users now expect frequent product releases and feature upgrades, putting a great deal of pressure on IoT leaders to continually innovate on the design of the physical product itself, the embedded software, and the infrastructure supporting it. We expect to see the highest growth in the consumer and industrial sectors.

10 best practices to avoid removal from the App Store Summary

#1 Stay up-to-date on current events.
Apple gives developers a very short turnaround to comply and update your code, sometimes only 24 hours. The more you stay on top of Apple’s policy and compliance changes, the more aware you’ll be when you suddenly have to shift gears. Make sure that you’re following any news and checking the email you have registered with Apple to avoid a last-minute scramble as much as possible.

#2 App development isn’t a “set-it-and-forget-it” process.
Some app developers mistakenly think that after launching an app, most of your work is done. While a lot of the heavy lifting happens during the initial development, companies must focus on the core steps needed to ensure proper compliance and updates as Apple rapidly deploys policy changes so you can adapt quickly as these changes happen.

#3 DevOps can set you up for success.
An effective DevOps strategy allows organizations to more rapidly deliver software and security updates internally and to customers. This is critical for agile development, as laying a strong foundation for your application will set you up for success in the event of having to rapidly respond to 24-hour notices.

#4 Provide unit tests for all applications.
Unit testing is essential for developing quality applications; it allows you to find more bugs at the code level or more refined class level. Doing so will catch errors early on, which if not detected, can create issues and cause crashes of the whole system, once all the modules of an app are integrated.

#5 Ensure well-documented quality code.
High-quality code provides a solid structure for application development. This can be achieved through pair programming, regular code reviews, functional testing, and identifying clear requirements. Code should focus on extensibility, maintainability and readability to ensure the application is consistent, visible and can be flexible to any sudden changes.

#6 Begin using CICD for your applications.
Create a CICD (continuous integration and continuous delivery) environment to automatically test code and streamline applications. The benefit of CICD is its ability to respond to changing requirements and to ship updates as quickly as possible. This results in a superior user experience and a more stable product by being able to adjust quickly to users’ issues and feedback. The term “continuous delivery” means that the product is essentially always in production; any changes are immediately committed, and the software is continuously evolving gradually, thereby allowing consistent updates in response to sudden policy changes.

#7 Put security first.
Privacy is a double-edged sword, and most of the time, is the reason for apps being booted from the App Store. Generally, people choose to let their information be used in exchange for personalization or convenience — the world we live in is built around that convenience and often the cost of that is privacy for the end-user. As Apple doubles down on apps for their security practices and sharing of data, developers should be aware of how this will not only impact its users, but their standing in the App Store if they don’t put security first.

#8 One mistake can cost you.
Being booted from the Apple Store has serious ramifications for developers, which can be difficult to recover from. Making sure you’re following all guidelines and staying on top of rapidly changing policies is essential to thriving in a continuously changing environment.

#9 Expect more regulations down the line.
As security and privacy become larger concerns for users, Apple will likely steer closer in this direction in the future. What does this mean for developers? Expect consistent changes to the App Store ecosystem with a stronger demand for developers to remain compliant with changing policies. It wouldn’t be shocking if Apple continued down this road and became stricter with their current regulations. With the right foundation, app owners can make their business more resilient and sustainable in the ecosystem.

#10 Change your status quo.
With Apple’s policies and compliance standards updating regularly, this is a chance to take a step back, review your own processes and see what’s working for you. While Apple sets the tone, it also allows app developers to challenge themselves and become more innovative. While it may seem daunting at first, this is a good practice to incorporate new ideas and tools into your app development and have fun learning in the process.

Ben Wald is the co-founder and VP of solutions implementation at Very, where he develops high-level strategies to solve prospective client challenges, focused on IoT scalable solutions. In his role, Ben works day-to-day with clients to create and plan IoT projects from any stage of development, assessing their long-term roadmap and ROI. He is passionate about improved security, better UX for the enterprise, as well as Agile IoT. During Ben’s career, he co-founded three successful startups. His first endeavor — an online education software company was acquired by eCampus, resulting in Ben being named one of Businessweek's Top 25 Young Entrepreneurs.