Preparing Your iOS App for App Store Submission: Our Recommended ATS Configurations

With the looming changes to ATS Enforcement in the iOS App Store submission review process, we know you’re worried about how to best prepare the ATS configurations in the info.plist for your apps. There are two big questions here:

  • If I disable ATS, will my iOS app get rejected from the App Store?
  • If I don’t disable ATS, will I see a drop in ad delivery and ad revenue?

There’s still a lot of uncertainty both in how strictly Apple with handle the review process and how well prepared the ad tech ecosystem is on the server side. Keeping this in mind, we have prepared our formal recommendations on how you should approach configuring ATS within your info.plist when integrating Fyber and other networks via Fyber Mediation.

Step 1: Update to the Minimum Version with ATS Compatibility

The table below shows a list of networks that Fyber supports via our mediation bundles. Every network has an ATS-compliant SDK available. The minimum version of their SDK that supports ATS is shown in the table.

Make certain you’re using a bundle version that is equal to or higher than the minimum version listed in the table.

Network Min Version for ATS Special Info.plist Flags
AdColony 2.6.3 NSAllowsLocalNetworking: YES
AdMob 7.15.0 (Bundle coming soon) NSAllowsArbitraryLoads: YES NSAllowsArbitraryLoadsForMedia: YES NSAllowsArbitraryLoadsInWebContent: YES
AppLovin 3.1.3 none
Chartboost 6.0.0 none
Facebook x none
Flurry 7.1.0 none
Fyber 7.2.0 none
HyprMX 4.2.0 (r78) NSAllowsArbitraryLoads: YES NSAllowsArbitraryLoadsForMedia: YES NSAllowsArbitraryLoadsInWebContent: YES
InMobi 5.3.0 none
Inneractive 6.3.0 NSAllowsArbitraryLoads: YES NSAllowsArbitraryLoadsInWebContent: YES
LoopMe 6.0.1 none
MediaBrix 1.8.0.050 none
Millennial 6.3.1 none
NativeX 5.5.9 (Bundle coming soon) none
Tapjoy 11.2.2 NSAllowsArbitraryLoads: YES NSAllowsLocalNetworking: YES
Tremor 3.13 none
UnityAds 1.5.4 none
Vungle 4.0.4 none

Step 2: Check if ATS Flags are Required

Even though all of the networks offer an “ATS Compliant” SDK, some of them do still require certain ATS configuration settings to be added to your info.plist. These settings will disable ATS in certain scenarios in order to ensure smooth delivery of ads, and should be added during your integration process.

  • If your network(s) require special flags: If you want to use that network, you will have to include these respective flags in your info.plist in order to ensure successfully ad delivery. These three flags will trigger an App Store review and will require Reasonable Justification:
    {
    "codes": [
      {
        "code": "NSAllowsArbitraryLoads: YES\nNSAllowsArbitraryLoadsForMedia: YES\nNSAllowsArbitraryLoadsInWebContent: YES ",
        "language": "text"
      }
    ]
    }
    

    See the FAQ below for what constitutes a “Reasonable Justification”.

  • If none of your networks require special flags: We recommend leaving your info.plist free of any ATS-related flags. This will ensure ATS is fully enabled (to its default state) and your app is sending network traffic over a secure protocol (HTTPS). This also avoids any potential ATS related rejections from the app store.

Please Note: While these networks have made vigorous efforts to ensure that both their SDK on the client side and their ad servers are capable of handling traffic securely via HTTPS, the ad server ecosystem is quite complex and there is always a chance that a specific ad campaign, server, or third party tool has slipped through the cracks.

Make sure to keep an eye out in the early months of 2017 for unusual or anomalous activity. If you have any concerns - such as drops in fill rates, impressions, or revenues from any network - please reach out to a representative at both Fyber and the related Ad Network for further investigation and support. We do not anticipate any significant impacts at all, but it is always good to keep an eye out, especially in the early stages of this new development in application security.

FAQs:

What constitutes a “Reasonable Justification”? There is no guaranteed right answer to this, as there is still a lot of uncertainty in how Apple with handle the review process starting in 2017. Our best advice is to inform Apple that you are using ad technology that requires such flags in order to ensure smooth delivery of advertisements. If you are still rejected, please contact your representative at both Fyber and the related Ad Network for further support.

What if we are unable to update to the minimum SDK version? If you absolutely must stay on an older SDK version than listed, and are submitting your app for review, it is best to assume that these SDK versions are unable to support ATS. You should then include all of the following flags to disable ATS wherever possible:

{
  "codes": [
    {
      "code": "NSAllowsArbitraryLoads: YES\nNSAllowsArbitraryLoadsForMedia: YES\nNSAllowsArbitraryLoadsInWebContent: YES\nNSAllowsLocalNetworking: YES",
      "language": "text"
    }
  ]
}

Working with App Transport Security (ATS)

What is ATS?

App Transport Security (ATS) is a feature that blocks applications from making insecure network connections. The entire advertising ecosystem must support ATS, but this large industry shift will take some time. Fyber’s infrastructure currently complies with ATS, and we are working with our Fyber Exchange and Fyber Mediation partners to facilitate the transition on their end.

How do I disable ATS?

We recommend overriding ATS through the application .plist configuration file. To do that, adjust your .plist configuration file:

<key>NSAppTransportSecurity</key>
<dict>
	<key>NSAllowsArbitraryLoads</key>
	<true/>
</dict>

Why do I have to disable ATS?

Not disabling ATS can impact your app monetization due to decreased fill rate from Fyber Exchange and the mediated partners exchange. The fill rate may decrease, as not all exchange advertisement partners comply with ATS presently - they would be unable to compete for your traffic if ATS is enabled.

In which scenario is disabling ATS not enough?

The Fyber SDK establishes a secure connection for Rewarded Videos, but iOS does not allow active mixed content to be provided in web views. If your mediation partner provides non-secure active content through a secure connection - for example, videos from a VAST campaign - then disabling ATS is not enough. In that case SSL must be completely disabled for Rewarded Videos in the Fyber SDK.

How do I disable SSL for Rewarded Videos?

You can disable secure connections for the Rewarded Video endpoint through the application .plist configuration file. To do that, add the following key (FYBEnableSSLRewardedVideo : Boolean) to your .plist configuration file:

<key>FYBEnableSSLRewardedVideo</key>
<false/>

Still have a question?

Need more help? Please get in touch! Contact your Account Manager or report an issue to our Developer Support team, or contact the Developer Portal team directly, including details of your account if you are a registered Fyber Developer.