The following is a true example. A Data Theorem customer was notified of an issue that would not pass Apple’s App Store submission process, known as a “App Store Blocker”. The App Store blocker was identified in the customer’s pre-production app on July 3rd. The issue was not critical at all, as it was simply a requirement to have “Sign-In with Apple” as a login option if Google and Facebook logins were leveraged by the app. Near the end of the release cycle, the developer chose to ignore the Data Theorem finding and submitted the app to Apple (as shown in the first comment below); however, eight days later the app was rejected by Apple due to the App Store blocker (as shown in the second comment below).
Moral of the Story
While Apple & Google both inconsistently enforce their acceptance criteria for security & privacy issues, they both do reject apps. It is better to address the App/Play Store blockers identified by Data Theorem within 30 days rather than risk your app being delayed or even rejected at a moment’s notice.
As shown above, the customer could have addressed this issue from July 3 to Aug 3 using Data Theorem’s Secure Code; however they were consequently delayed until Sept 4 when the App Store Blocker was resolved and the app was resubmitted to Apple.
It should be noted that your app may not be rejected during the App Store submission process even though it has an an App Store blocker; however, Apple will not promote your app on search queries and iTunes marketing pages.