Overview
Apple has published its annual App Store transparency report, revealing the company rejected over 2 million app submissions in 2025 for violating App Store guidelines related to security, fraud, and privacy. The company also blocked more than 1.1 billion accounts and prevented over $2.2 billion in potentially fraudulent transactions during the same period.
The figures underscore the sustained scale of malicious activity targeting Apple's platform — and the operational investment required to maintain App Store integrity.
2025 by the Numbers
| Metric | 2025 Total |
|---|---|
| App submissions rejected | 2,000,000+ |
| Accounts blocked | 1,100,000,000+ |
| Fraudulent transactions prevented | $2,200,000,000+ |
What Gets Rejected?
Apple's review process screens submissions across multiple violation categories:
- Malware and unauthorized data collection — apps embedding malicious code or spyware
- Privacy violations — misuse of system APIs or data collection without disclosure
- Fraud and impersonation — fake apps cloning legitimate services or brands
- Guideline non-compliance — policy violations across content, payments, and functionality
- Developer account abuse — accounts flagged for suspicious submission patterns or stolen credentials
The review pipeline combines automated static analysis and dynamic scanning with human review for flagged or higher-risk submissions.
The Ongoing Battle
Despite Apple's review controls, sophisticated actors continue to probe the platform. Notable patterns from 2025 and early 2026 include:
- SDK-level attacks — malicious third-party SDKs embedded in otherwise legitimate apps bypass per-app review (e.g., the EngageLab SDK flaw that exposed 50M users)
- Developer account rotation — the 1.1B blocked accounts figure suggests heavy automated account creation to cycle through bans
- Post-approval updates — dynamic code loading techniques used to introduce malicious behavior after approval
- Google Play comparison — the NoVoice malware that infected 23M devices via Google Play illustrates that Apple's stricter controls do provide meaningful friction, even if not a complete barrier
Developer and Enterprise Takeaways
For security teams managing iOS applications or third-party software:
- Audit third-party SDKs — the review process evaluates the submitted binary, not the SDK supply chain over time
- Monitor code signing integrity — compromised developer certificates enable fraudulent repackaging outside the App Store
- Use App Attest — Apple's App Attest API enables runtime verification that apps are genuine and unmodified
- Watch sideloading risk — EU regulatory changes have expanded alternative distribution channels; enterprise policies should address these channels explicitly
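Server-side verification of an App Attest assertion, added here as an example in Go (not code from the report or from Apple). It assumes the attestation object has already been validated and its public key and counter stored, that the assertion's CBOR has already been decoded into the two fields shown, and it uses a placeholder App ID and a locally generated P-256 key in place of the device's Secure Enclave key.

```go
package main
import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)
// Assertion is a decoded App Attest assertion; CBOR decoding of the device's object is assumed done.
type Assertion struct {
	Signature         []byte // DER-encoded ECDSA P-256 signature
	AuthenticatorData []byte // WebAuthn-style authenticator data, at least 37 bytes
}
// nonce is what the device signs: SHA256(authenticatorData || SHA256(clientData)).
func nonce(authData, clientData []byte) []byte {
	cdh := sha256.Sum256(clientData)
	n := sha256.Sum256(append(append([]byte{}, authData...), cdh[:]...))
	return n[:]
}
// VerifyAssertion checks an assertion against the public key and counter stored when the attestation was
// validated (appID is "<TeamID>.<BundleID>"); matching the challenge inside clientData is left to the caller.
func VerifyAssertion(pub *ecdsa.PublicKey, appID string, lastCounter uint32, clientData []byte, a Assertion) (uint32, error) {
	if len(a.AuthenticatorData) < 37 {
		return 0, errors.New("authenticatorData too short")
	}
	if !ecdsa.VerifyASN1(pub, nonce(a.AuthenticatorData, clientData), a.Signature) {
		return 0, errors.New("signature does not verify with attested key")
	}
	if rpID := sha256.Sum256([]byte(appID)); !bytes.Equal(a.AuthenticatorData[:32], rpID[:]) {
		return 0, errors.New("bytes 0..31 are not SHA256(appID): key belongs to another app or a repackaged clone")
	}
	counter := binary.BigEndian.Uint32(a.AuthenticatorData[33:37]) // big-endian counter after the flags byte
	if counter <= lastCounter { // must strictly increase, or a captured assertion could be replayed
		return 0, errors.New("counter did not increase (possible replay or cloned key)")
	}
	return counter, nil
}
// main stands in for the device with a locally generated P-256 key (constructed demo data, placeholder App ID).
func main() {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	appID, clientData := "TEAMID1234.com.example.app", []byte(`{"challenge":"c1"}`)
	rpID := sha256.Sum256([]byte(appID))
	authData := append(rpID[:], 0, 0, 0, 0, 7) // flags byte 0x00, then counter 7 as 4 big-endian bytes
	sig, _ := ecdsa.SignASN1(rand.Reader, priv, nonce(authData, clientData))
	fmt.Println(VerifyAssertion(&priv.PublicKey, appID, 6, clientData, Assertion{sig, authData})) // 7 <nil>
}
```

The returned counter is what the server persists for the next assertion; any error means the request should be rejected, not retried with a lower stored counter.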