# Rejection Risk Mitigation > Kordant iOS App — Pre-submission risk analysis > Last updated: 2026-06-02 --- ## High-Risk Areas & Mitigation ### Guideline 2.1 — App Completeness **Risk**: Rejection for incomplete features or placeholder content **Mitigation**: - ✅ Removed "Map integration coming soon" from PropertyDetailView - ✅ All buttons are functional (including "Upgrade Plan" → opens billing portal) - ✅ No disabled UI elements - ✅ All navigation paths tested and working - ✅ Empty states provide meaningful feedback (not blank screens) **Residual risk**: LOW — All features are complete and functional --- ### Guideline 3.1.1 — Payment (Subscription Model) **Risk**: Rejection for not using In-App Purchase for digital subscriptions **Mitigation**: - ✅ Subscriptions are for **access to server-side monitoring services** (dark web scanning, data broker removal) - ✅ Services are not digital content consumed within the app - ✅ Billing handled via Stripe Customer Portal (web billing) - ✅ "Upgrade Plan" button opens the billing portal - ✅ Free tier available with limited features - ✅ No external links to purchase digital goods within the app - ✅ Documented rationale: service-based subscription, not content subscription **Reference**: Apple's guidance distinguishes between: - **Digital content** (magazines, music, games) → must use IAP - **Service access** (cloud storage, monitoring, real-world services) → web billing acceptable **Residual risk**: LOW-MEDIUM — Service model is clearly distinct from digital content --- ### Guideline 4.2 — Minimum Functionality **Risk**: Rejection for being a "wrapper" around a website **Mitigation**: - ✅ Full native SwiftUI application — not a web wrapper - ✅ 5+ distinct service modules with native UI - ✅ CallKit integration for spam call filtering (native system feature) - ✅ Home screen widgets with real-time data - ✅ Siri shortcuts for common actions - ✅ Push notification deep linking - ✅ Offline data caching and sync - ✅ Biometric authentication - ✅ Native camera integration for document scanning - ✅ Native microphone access for voice enrollment **Residual risk**: VERY LOW — App is clearly a substantial native application --- ### Guideline 5.1.1 — Data Collection and Storage **Risk**: Rejection for inaccurate or missing privacy disclosures **Mitigation**: - ✅ Privacy manifest (`PrivacyInfo.xcprivacy`) present in main app and widget extension - ✅ All data types accurately declared with correct linkage - ✅ `NSPrivacyTracking` set to `false` — no cross-app tracking - ✅ API access reasons declared (FileTimestamp, DiskSpace, UserDefaults) - ✅ ATT prompt shown before any analytics - ✅ Analytics respects user consent - ✅ No third-party tracking domains - ✅ All permission usage descriptions accurate and localized **Residual risk**: LOW — Privacy disclosures are comprehensive and accurate --- ### Guideline 5.6 — Developer Code of Conduct **Risk**: Rejection for manipulating reviews or ratings **Mitigation**: - ✅ No review prompts in the app - ✅ No SKStoreReviewController usage - ✅ No manipulation of app store metadata - ✅ No incentivized reviews - ✅ No pre-filled review text **Residual risk**: NONE — No review-related code in the app --- ### Guideline 2.3.1 — Performance — Accurate Metadata **Risk**: Rejection for screenshots not matching the app **Mitigation**: - ✅ Screenshots captured from actual app builds - ✅ All supported device sizes (iPhone SE, 12, 14 Pro, 15 Pro Max) - ✅ Screenshots reflect current app state (no outdated UI) - ✅ App preview video shows real app functionality - ✅ Description accurately reflects app capabilities **Residual risk**: LOW — Ensure screenshots are refreshed before each submission --- ### Guideline 2.1 — Crash on Launch **Risk**: Rejection if app crashes during review **Mitigation**: - ✅ Deferred initialization — no blocking work on launch - ✅ Graceful error handling for all async operations - ✅ Network failure handling with retry - ✅ Permission denial handling - ✅ Keychain access with error recovery - ✅ Security checks run on background thread - ✅ Tested on multiple iOS versions (17.0+) **Residual risk**: LOW — Comprehensive error handling throughout --- ## Medium-Risk Areas ### Jailbreak Detection **Risk**: Reviewer's device triggers jailbreak detection (e.g., simulator, development device) **Mitigation**: - ✅ Graceful degradation — app remains functional in degraded mode - ✅ Warning banner is informational, not blocking - ✅ Degraded mode reduces features but doesn't prevent usage - ✅ Security checks are non-blocking (run on detached tasks) **Note**: Apple reviewers typically use clean devices. Simulator testing shows degraded mode works correctly. --- ### Call Directory Extension **Risk**: Extension not properly integrated in build **Mitigation**: - ✅ Extension target added to `project.yml` with proper configuration - ✅ Entitlements created (CallKit + App Group) for shared data access - ✅ `SpamDirectoryService` moved to `Sources/Shared` for cross-target access - ✅ Extension is optional — app works without it - ✅ Clear instructions in SpamShield settings - ✅ Extension status checked via `CXCallDirectoryManager.getEnabledStatusForExtension` - ✅ Graceful fallback when extension is not enabled --- ### Siri Shortcuts **Risk**: Siri intents not configured on reviewer's device **Mitigation**: - ✅ Shortcuts are optional — app works without Siri - ✅ Intent donations happen automatically after onboarding - ✅ Settings screen explains how to enable Siri shortcuts --- ## Low-Risk Areas ### Background Fetch - App uses standard background fetch API - No aggressive battery usage - Fetch interval respects system scheduling ### Push Notifications - Standard UNUserNotificationCenter usage - Deep links use standard userInfo payload - No critical alert abuse ### OAuth Sign-In - Apple Sign-In uses native `AuthenticationServices` - Google Sign-In uses official GoogleSignIn-iOS SDK - Both flows are standard and well-documented --- ## Rejection Response Plan If the app is rejected, follow this process: 1. **Read the rejection email carefully** — Identify the specific guideline 2. **Reproduce the issue** — Test on a clean device/simulator 3. **Fix the issue** — Implement the required change 4. **Update this document** — Add the new risk and mitigation 5. **Resubmit with response** — Use App Store Connect messaging to explain the fix 6. **Target response time**: Within 24 hours of rejection ### Common Rejection Scenarios & Quick Fixes | Rejection Reason | Quick Fix | |-----------------|-----------| | 2.1 — Incomplete app | Remove any remaining placeholder content | | 2.1 — Crashes | Check crash logs, fix the specific crash | | 3.1.1 — IAP required | Clarify service model in review notes | | 4.3 — Spam | Ensure app is unique, not a clone | | 5.1.1 — Privacy | Update privacy manifest, add missing declarations | | 2.1 — Beta label | Remove any "beta", "test", or "preview" text | | 2.1 — Dead links | Verify all external URLs work | | 4.2 — Minimum functionality | Emphasize native features in review notes | --- ## Pre-Submission Checklist Before submitting to App Store Review: - [ ] Build Release configuration - [ ] Verify no `#if DEBUG` code paths contain visible content - [ ] Verify no `print()` calls remain outside `#Preview` blocks - [ ] Verify no force unwraps in production code paths - [ ] Test on physical device (not just simulator) - [ ] Verify all deep links work - [ ] Verify push notifications work - [ ] Verify ATT flow works - [ ] Verify sign-in flows work (email, Apple, Google) - [ ] Verify subscription upgrade button opens billing portal - [ ] Verify widgets appear on home screen - [ ] Verify Siri shortcuts are available - [ ] Verify no console warnings in release build - [ ] Verify app icon and launch screen are correct - [ ] Verify version number and build number are correct - [ ] Verify privacy policy URL works - [ ] Verify all screenshots match current app UI - [ ] Verify app preview video is current - [ ] Verify SpamShield extension target built - [ ] Verify SpamShield extension entitlements correct - [ ] Upload via Xcode Organizer or Transporter - [ ] Fill in App Store Connect metadata - [ ] Add review notes and demo account - [ ] Submit for review