We would like to publish our app, which uses the Blackberry Dynamics SDK, via unlisted store entry in the Apple app store. (https://developer.apple.com/support/unlisted-app-distribution) For this the app has to go through the store review process. The first build I uploaded got rejected because the reviewers couldn't access all parts of the app. This was somehow expected, because Blackberry Dynamics apps just show a screen to enroll your device into UEM if it's not. For testing I downloaded some other Blackberry Dynamics apps from the app store and they all do the same.
So my question is: To successfully get the app through the store review, would we have to provide Apple an account in our Blackberry UEM system? Will they actually enroll a device there for testing or is there a different way to do this?
Yes, you will need to provide the Apple App Store reviewer with credentials to activate your app with BlackBerry UEM. This could be a test instance or a dedicated BlackBerry UEM Cloud environment.
Here are BlackBerry's recommendations for App Store submissions.
Rule 3.1.1 In-App Purchase:
Apps that unlock or enable additional features or functionality with mechanisms other than the App Store will be rejected.
To ensure this issue is addressed, your submission’s Review Notes SHOULD contain the following:
PLEASE NOTE:
No additional functionality is unlocked or enabled via the activation code. The application will not function at all without activation with the BlackBerry Dynamics framework. This is similar to other App Store apps like Box needing a Box account, Evernote needing an Evernote account, etc.
All applications incorporating BlackBerry Dynamics security features are designed to work only within the BlackBerry Dynamics backend infrastructure framework. They cannot operate without the framework that ensures only authenticated end users can access an organization’s resources.
For activation and authentication of an application with the BD framework, users must enter an Authentication Passcode provided by their IT department along with their corporate email address. This is a security feature that cannot be replaced by a log
The above notes apply to all applications built with BlackBerry Dynamics. There are many BlackBerry Dynamics-based applications already in the App Store, a few of which were challenged with this rule, but accepted after further review.
Rule 3.1.2 Subscriptions:
Apps offering subscriptions must do so using In-App Purchase, Apple will share the same 70/30 revenue split with developers for these purchases, as set forth in the Developer Program License Agreement. To ensure this issue is addressed your submission’s Review Notes SHOULD contain the following:
PLEASE NOTE:
All applications incorporating BlackBerry Dynamics security features allow access to a server based solution (SaaS) and backend Infrastructure (IaaS).
The application does not offer a subscription and there is no in-app purchasing capability. If access to the backend infrastructure is desired, then Enterprises may only order and purchase access licenses from the developer for its users using various negotiated business terms – site licenses, perpetual licenses, etc. Access licenses are device independent, transferable.
The application can support a single user over several devices. The reason for a separate access code per device is because of BlackBerry's application management capability, where for example a customer admin has the ability to remotely wipe the enterprise data within a BlackBerry Dynamics application on a specific device.
Rule 5.5 Mobile Device Management:
BlackBerry Dynamics SDK does NOT utilize any Mobile Device Management (MDM) APIs. Additionally, enterprise data is encrypted at rest with AES-CBC using with 256 bit key and data in-transit is also encrypted over SSL/TLS connection.
When submitting an application to the Apple App Store or Google Play the developer MUST provide a valid BlackBerry Dynamics environment and information for Apple and Google to properly test the application. If you do not provide these, it is highly unlikely that your application will be approved. Specifically:
• Provide a unique set of authentication credentials (email address and activation passcode) for the setup process
• Make sure the user is provisioned in BlackBerry UEM and configured to access the application (entitlement ID) you are submitting
• Disable, or configure very weak password requirement in the BlackBerry Dynamics Profile via UEM to simplify the sign-in process
• Ensure that your application handles the provisioning cancellation use-case (see GDiOSDelegate::handleEvent with type: GDAppEventNotAuthorised and code: GDErrorProvisioningCancelled)
• Ensure that the BlackBerry Dynamics provisioning screen is the first screen in application's first launch flow
• Ensure your BlackBerry UEM Server is online if not using BlackBerry UEM Cloud.
To avoid general consumers downloading the application by mistake and giving an unfavorable rating, BlackBerry suggests to include the following text right under the Application name and notify consumer users.
IMPORTANT NOTE:
[App Name] for BlackBerry will not operate without the necessary licenses from BlackBerry. It has been specially developed to operate with the BlackBerry Dynamics mobile application management(MAM) platform.