Guideline 5.2.x
Guideline 5.2.x - Legal: Missing Export Compliance Declaration
Low RiskEasy0 Reports
Our Take
Your Info.plist is missing the ITSAppUsesNonExemptEncryption key. Without it, every TestFlight and App Store upload triggers a manual export compliance prompt, slowing down your release process.
Resolution Guide
01
**Determine your encryption usage** — If your app only uses standard HTTPS (URLSession, Alamofire, fetch) and no custom encryption, you qualify for the exemption.
02
**Add the key to Info.plist** — Add `ITSAppUsesNonExemptEncryption` with value `NO` (boolean false) to your Info.plist. This tells Apple your app uses only exempt encryption and skips the manual compliance prompt on each upload.
03
**If you use custom encryption** — If your app uses CryptoKit with non-standard algorithms, OpenSSL, libsodium, or custom AES/RSA implementations, set the value to `YES`. You will need to obtain an Encryption Registration Number (ERN) from the US Bureau of Industry and Security and provide it in App Store Connect.
04
**For Expo/React Native** — Add to `app.json` under `expo.ios.infoPlist`: `"ITSAppUsesNonExemptEncryption": false`. For bare RN, add directly to `ios/<AppName>/Info.plist`.
05Add this key to Info.plist in every new iOS project Include it in your project template or boilerplate
**Verify on next upload** — After adding the key, archive and upload. The export compliance prompt should no longer appear.
Prevention:
Community Solutions · 0
Sign in to share your solution.
More Guideline 5 (Legal) rejections
- Guideline 5 - Legal: Remove Watermark Feature
- Guideline 5.1.1 - Data Collection and Storage: Incomplete Privacy Manifest
- Guideline 5.1.1 - Data Collection and Storage: Missing Purpose Strings
- Guideline 5.1.1 - Data Collection and Storage: Privacy Manifest Missing
- Guideline 5.1.1 - Data Collection and Storage: Privacy Nutrition Label Mismatch
- Guideline 5.1.1 - Data Collection and Storage: Privacy Policy