Apple has officially launched iOS 17.4 beta, incorporating sideloading capabilities for users within the European Union in compliance with the new Digital Markets Act (DMA) antitrust legislation. Notably, these alterations made by Apple to adhere to EU regulations will not extend to users outside the EU. Below are the specific criteria Apple will employ to determine if your iPhone or iPad qualifies for sideloading.
Sideloading of Apps is Now Possible on iPhone and iPad, Thanks to iOS 17.4
iOS 17.4 introduces notable alterations to the functionality of Apple’s mobile operating system. Sideloading, the direct installation of apps from sources other than the official App Store, will not be universally permitted. Instead, Apple will allow alternative app stores on iOS, and exclusively these stores will have the capability to distribute apps outside the App Store. These authorized stores are termed “App Marketplaces.”
However, these App Marketplaces must adhere to stringent rules established by Apple to obtain special permission. For instance, Apple specifies that creators of third-party app stores must furnish a letter of credit amounting to at least €1 million, serving as a guarantee for supporting both developers and customers.
Apple will restrict certain features on its devices to comply with local regulations in the European Union. Exclusive to EU users, these features include the capability for third-party apps to utilize NFC for payments without relying on Apple Pay, and the introduction of new APIs (Application Programming Interfaces) to facilitate the development of web browsers using engines different from Apple’s WebKit. The specific limitations and controls for these features on Apple devices in the EU have not been detailed.
Which Factors Does iOS Check Before Allowing Sideloading of Apps?
Apple has implemented a system called “countryd” internally to determine a user’s region, as reported by 9to5Mac back in April of last year. This system combines various pieces of information to ascertain the user’s location. Although it has been present since iOS 16.2, it has only been put to use now.
Here are some of the factors that iOS examines to determine if a device qualifies for sideloading and App Marketplaces, based on insights from system reports and code reviewed by 9to5Mac:
1. Apple ID billing address
2. The user’s current location (with Apple reportedly checking the country and not the precise location for privacy reasons)
3. The current region set in iOS settings
4. The device class (indicating whether it’s an iPhone, iPad, etc.)
Other Checks
In addition to the mentioned factors, the system also specifically checks whether the device originates from China to restrict sideloading, though the exact reasons for this restriction remain unclear. Apple is introducing a new section in the “About this iPhone” menu that allows users to view the region of the device. While there will be a link to a support article with more details about this system, it is not currently available.
The list of countries where sideloading is enabled is maintained on an Apple server, giving the company the flexibility to update it as needed. If more countries enact antitrust legislation similar to the DMA, Apple can extend these changes to those regions without requiring a new iOS update.
Enabling sideloading in unsupported regions becomes challenging for users, as it involves changing the Apple ID region and manipulating the iPhone’s location system. An update to the iPhone Simulator will allow developers to simulate this new system for distributing apps outside the App Store.
Apple has created a system that can bypass the regulatory check to enable sideloading for a particular Apple ID. However, it is likely designed for internal development purposes and may not be available to the general public.
MDM API is the Backbone of App Marketplace
As reported by 9to5Mac in November, Apple utilizes the new Managed App Distribution API as a backend for App Marketplaces. This API offers basic controls for downloading, installing, and updating apps from external sources. It can also verify app compatibility with specific devices or iOS versions, similar to what the App Store already does. In iOS 17.4 beta, a component called “MarketplaceKitBridge” is added to this API, enabling both APIs to share necessary information for downloading apps outside the App Store.
Apple has announced that it will release iOS 17.4 to the public in March, aligning with the March 7 deadline set by the European Union.
What is MDM API?
MDM API stands for Mobile Device Management API. It’s a set of tools and protocols that allows developers and administrators to programmatically manage and control mobile devices enrolled in an MDM platform. Think of it like an API for your phone!
Here’s what you can do with MDM APIs:
- Enroll and unenroll devices: Add or remove devices from the MDM platform.
- Configure device settings: Apply security policies, restrictions, and network configurations.
- Deploy and manage applications: Install, update, and remove apps on managed devices.
- Wipe and lock devices: Remotely erase data or lock lost or stolen devices.
- Collect device data: Gather information about device health, location, and application usage.
- Trigger actions and automate tasks: Perform various actions based on events, like low battery or security violations.
Benefits of using MDM APIs:
- Efficiency and automation: Automating tasks saves time and reduces human error.
- Scalability: Manage large numbers of devices easily.
- Customization: Integrate MDM with other systems and workflows.
- Security: Improve device security through programmatic control.
Who uses MDM APIs?
- IT administrators: Manage large mobile device deployments.
- Developers: Build custom applications for MDM platforms.
- Security professionals: Automate security responses and enforce policies.
- Businesses: Integrate MDM with other enterprise systems.
Examples of MDM API providers:
- Apple Device Enrollment Program (DEP)
- Google Mobile Management (GMM) API
- Microsoft Intune API
- VMware Workspace ONE UEM API