Coming soon to Apple: third-party app stores — and sideloading apps

Apple is being required to give up its tight control of software on the iPhone and iPad, and Apple executives have acknowledged plans to comply with the EU’s Digital Markets Act (DMA). While the company will keep fighting government pressure to open up its devices to third parties, these mechanisms will likely be used for mandates from other governments around the world.

Despite how earth-shaking this might sound, there’s ample precedent for Apple to support third-party app markets and sideloading of individual apps, dating back to iOS 4, which was released in 2010 alongside the iPad and iPhone 4. That’s when Apple introduced mobile device management (MDM) for iOS devices, providing IT departments a framework to remotely secure and manage iPhones and iPads in both the workplace and in education.

One facet of MDM platforms is the need to manage apps; Apple has built and refined multiple approaches to doing so over the years. One option is simply to allow IT to mass-install apps automatically during or after initial setup. The other is enterprise app stores, where employees can download corporate apps for themselves, including in-house enterprise apps that aren’t available externally and apps from the App Store that have been purchased or licensed by an employer.

The latter of these would easily serve as a template for companies looking to set up competing app marketplaces. It’s very likely Apple would use this model, in part because it already exists and has been proven and refined over more than a decade, and in part because it allows the company to still exercise control over iOS as a platform.

Apple will give only what it absolutely has to

Apple has fought against this prospect ever since the iPhone first shipped in 2007. The first generation of iOS (then known as iPhone OS) didn’t support third-party apps of any kind. Users had a set of stock apps from Apple and the option of running web-based apps in Safari. Soon after the iPhone shipped, users tried to jailbreak it and get support for additional apps (as well as support for carriers other than AT&T). From the get-go, Apple fought back against iOS hacks to jailbreak the platform — and it continues to do so to this day.

The company created the App Store within a year, using the underpinnings of the iTunes Store, which had been serving up music and video content for payment and distribution. Although jailbreaking never really went away, each iOS release made it more difficult as Apple continually patched security holes. (The Mac App Store didn’t arrive until 2011.)

Apple also fought the notion of an open, user-accessible file system like those on a Mac or PC. (It did eventually create the Files app, so users could manage files and share them among multiple apps and cloud services, but that represents a sandboxed file storage area similar to a user’s macOS Home folder.) The files that make up apps and iOS itself — along with its various configuration files — are still not user-accessible and aren’t even fully available to app developers. Even the limited capabilities of the Files app were something Apple tried to avoid for years.

What this history means is that Apple will push to keep iOS itself as closed as possible, allowing access only where technically or legally necessary.

We can debate the company’s motives and whether its restrictions are ultimately good or bad for customers, but the fact is that Apple will never open up iOS voluntarily — and when its hand is forced, will open in the narrowest way possible.

Sideloading vs. alternative app stores

These two terms often get used interchangeably because they both relate to installing apps from outside Apple’s App Store, but there some important distinctions. Sideloading refers to installing apps outside of an app store, such as downloading them from the web or installing them from a Mac or PC. Historically, this is the way software was installed before integrated mobile and app stores existed. Apple continues to support to the process in macOS (to various levels, depending on your security settings).

Apple also supports sideloading on iOS in limited circumstances, such as by  businesses or schools, as well as from developers inviting users to test and report on unreleased or beta apps.

An alternate app store is, well, an app store. It allows browsing, purchasing, and installation of apps. There’s a central source users rely on to accomplish these tasks and they’re done in a uniform way. They can allow or reject specific apps based on whatever criteria they want. They can perform security and reliability testing (as Apple does) or not. They can respond to complaints, to refund requests, or to apps found to host malware if and how they choose. They can manage pricing, developer compensation, and legal requirements with as much or as little transparency as they want.

The app store as an enterprise app

If you’ve used an iPhone or iPad at work, it most likely was enrolled in a management platform. In a BYOD setting where you use your personal iPhone or iPad for work, one of the first things you do when starting a new job is to download an MDM client app from Apple’s App Store. Using that app, you enroll your device with an MDM server that lets your company configure different device settings, security states, and work-related accounts — commonly, this provides you with access to corporate Wi-Fi, sets up your email, and likely requires a complex password.

This might also provide access to an enterprise app store, either in the MDM client app or as a standalone option. An enterprise app store typically looks and functions much like Apple’s App Store. The primary difference: it isn’t associated with your personal Apple ID and doesn’t use any personal payment method.

Your identification is based off your enterprise user account (the one that lets you log into a Mac or PC or access services such as Microsoft 365), and the apps have already been paid for by your employer. There’s nothing particularly momentous about an enterprise app store from a user perspective. It’s just where you go to install apps for work.

Apps from an enterprise app store look and function like any other apps — you probably wouldn’t notice a distinction between them — but behind the scenes, your iPhone or iPad has created a sandbox that separates your personal apps from business apps. This separation has practical benefits; your employer can’t see any personal information on your device or in any personal apps you’ve installed and can’t delete anything personal like photos or health information. Your employer can only access apps (and data they create) that were installed through the enterprise app store, something it might extend to alternate commercial stores.

Is Apple still gatekeeping?

The first point in my description of an enterprise app store is important. You download an app from Apple’s App Store and then use it to access the enterprise app store. There’s still a step where Apple inserts itself — the enterprise app store is itself an app that Apple has vetted and allowed in its own the App Store. Most likely Apple will want alternatives to its App Store to work the same way.

This means that Apple will be supporting competing stores, while maintaining a certain level of control, because each store will need to meet some standards to be available to users. Although Apple can’t dictate what goes into a competing store or how things are paid for, it can at least ensure that competing stores rise to a certain level of security and offer some degree of accountability.

This gives Apple a certain gatekeeping role, albeit a diminished one. On a certain level, this is a practical necessity. There needs to be a way for users to access competing stores and the logical option is to make those stores apps in themselves.

Apple will almost certainly sandbox competing stores and the apps that come from them. iOS is already a very closed operating system, with apps forced to function in a distinctly protected space; there are only a handful of ways for apps to interact with iOS itself or with each other.

Apple is likely to build on this and on its MDM model of creating total or near-total separation. In this case, instead of separating work and personal, the company will separate apps from its App Store that go through Apple’s review process from apps in other app stores, with each store likely functioning in clearly separate and defined areas.

This may well limit what apps from other stores can do on an iPhone or iPad. Much in the same way that a work app cannot access a personal app in a business context, Apple will likely keep apps from another source from being able to interact with App Store apps and with sensitive information stored on an iOS device. Beyond that level of sandboxing, Apple will probably go further in limiting how apps from another store interact with each other.

This could get confusing if you’re installing apps from multiple app stores with each being sandboxed separately. Unless there is a tag on the app icon, it might be unclear where each app came from and with which other apps it can exchange data.

Thus far, even though Apple technically separates work and personal apps on a device, it doesn’t visually separate them and there is no obvious indicator as to which is which. Apple has maintained this to preserve the iOS user experience on a managed device, wanting an iPhone to still look and feel like an iPhone even when it is managed by its owner’s IT department. It’s possible that apps from other stores will gain some kind of indicator from Apple, from the stores themselves or even from developers creating a badge or separately styled icon.

What about sideloading or non-app storefronts?

Although Apple will likely want outside stores to function like enterprise app stores, there’s no guarantee this will be the end result. One possibility is that independent stores or developers could simply post an app on a web server to make it available to anyone for download. This would work much like macOS already does.

My assumption is that Apple will not support this unless explicitly forced to do so. The company still maintains tight control over the web browsing experience on iOS (all browsers are required to use Apple’s webkit rendering engine) meaning it could very easily block app downloads from the web.

Even on macOS, installing apps from the web isn’t completely unmanaged. By default, a Mac will only permit apps from the Mac App Store. This can be changed in the Privacy and Security section of System Settings with an option for App Store and identified developers (meaning apps from those developers who have signed their code and were approved by Apple). Unsigned apps will still install, but don’t run unless a user takes specific steps to let their Mac run the app anyway.

This means sideloading apps outside of a defined app store isn’t likely to be supported without additional parameters. Or apps could require some other digital signature that puts them in a specific category and level of access to iOS. One example: Apple’s own Testflight, which allows developers to enroll users as beta testers.

Saying it explicitly

One thing is almost certain, however this plays out. Apple is going to make users specify that they are choosing to install apps that didn’t go through the App Store review process, that might not be secure, and that they want to install and run anyway. This might discourage users from doing so, but it also means informed consent — like picking up a pack of cigarettes and seeing a big warning on the pack. You’re acknowledging you have been warned and that you understand the warning.

Making this explicit means you are essentially absolving Apple of all responsibility for what happens next (in the cigarette analogy, you knew you could get lung cancer when you lit up). And like a tobacco company not paying your medical bills if you get cancer, Apple isn’t going to be sympathetic if you agree to these warnings and something bad happens.

That’s only fair. After all, protecting users, their devices, and their privacy are among the top reasons to prevent or limit apps Apple hasn’t vetted. By saying you understand the implications (you’re clicking the lighter) and want to do it anyway, you’re on your own.

I doubt Apple would go so far as to say alternate app stores or sideloading will void your warranty (and AppleCare), but it wouldn’t surprise me. At the least, you’re looking at less involved technical support than you typically get today. Hopefully, alternate stores will also have alternate support systems. If not, well, you’re lighting that cigarette.

Alternate app stores at work

We started with enterprise app stores and MDM, so I’ll close there. If you have a managed iOS device (yours or your employer’s), don’t be surprised if you’re unable to access alternate app stores or run apps from them. It might not be there yet, but MDM vendors are certain to have the option to block apps from alternate sources, either from installing them or running them.