Apple tweaks enterprise certificate program to rein in abusive apps

First it was Facebook. And then Google got caught in the widening dragnet. Before long it was discovered that quite a few different apps were taking advantage of Apple’s enterprise certificate program. But Apple is making changes in an effort to reduce that possibility.

According to a report on Friday from The Verge (via AppleInsider), Apple has made a few key changes to its enterprise certificate program. The goal is to reduce the possibility that an application can be used to target and take advantage of iOS users, no matter how big or small the app’s developer is. The original report notes that these changes include the ability by Apple to review any app using the certificate program at any time, and without warning.

Interestingly, it looks like Apple made these changes before this year’s WWDC kicked off last week. The changes were first spotted by developer Steve Moser, who tweeted out about the changes, but deleted the original tweet after publishing it.

The new rules make it so that Apple has the ability to thoroughly review any app using the enterprise certificate program at any point in time, even well after launch.

You understand and agree that Apple reserves the right to review and approve or reject any internal use application that you would like to deploy … at any time during the term of this agreement,” reads a new section in the Terms & Conditions for the App Store. “If requested by Apple, you agree to fully cooperate with Apple and promptly provide such internal use application to Apple for such review.

So if Apple determines that an app has run afoul of its rules, it can tell the developer that it must pull the app from the App Store until changes are made to better align with the App Store’s rules.

This shift in methodology is more than likely meant to avoid pulling a developers enterprise certificate altogether. Apple went down this route with both Facebook and Google.

Apple probably should have had this rule in place from the get-go, considering that the enterprise certificate program makes it possible to bypass the App Store altogether, and load an app with features that would otherwise be blocked by the digital storefront.

Still, better late than never.