Apple moved to block developers from exploiting users' devices in the background to generate cryptocurrency profits. Graphic by Seeflection.

New Guidelines to Block Developers from Crypto Profiteering

Apple, according to an update this month to the terms of use on the company’s App Store, is actively forbidding cryptocurrency mining in apps for the company’s devices, a move which will prevent the surreptitious abuse of users’ computers, iPhones and other devices to generate illicit crypto profits.

The primary method for Apple’s legion of worldwide customers to purchase and install apps onto their estimated 1.3 billion+ active devices, the App Store is the only way for mobile users to install new apps without “jailbreaking” them. The practice makes Apple’s ecosystem smaller and more restrictive than competing mobile operating systems, but also ensures that new apps fit within the company’s policies for safety, stability and content. Prospective App Store content is governed by Apple’s official app guidelines, a document which establishes ground rules for third party developers “to provide a safe experience for users to get apps and a great opportunity for all developers to be successful.”

Released in early June in time for Apple’s annual WWDC developer conference, the latest revision of the company’s App Store guidelines explicitly prohibits cryptocurrency mining on devices. While Apple has offered support for bona fide cryptocurrency apps such as approved mobile wallets and apps for bona fide crypto trading markets (indeed, the mobile app for crypto platform Coinbase topped Apple’s iPhone charts during 2017’s crypto craze), the latest guidelines are designed to eliminate any potential leeway in the store’s guidelines for developers to employ apps or advertisements for on-device cryptocurrency mining. From Apple’s App Store guidelines:

2.4.2 Design your app to use power efficiently. Apps should not rapidly drain battery, generate excessive heat, or put unnecessary strain on device resources. Apps, including any third party advertisements displayed within them, may not run unrelated background processes, such as cryptocurrency mining.”

Mostly based on blockchain networks, today’s cryptocurrencies operate largely via “proof-of-work” algorithms, which require the networks’ decentralized users to provide the computing power to keep the network running securely. The computationally intensive process of mining involves the solving of complex mathematical problems to process and validate the networks’ transactions and in return create new units of cryptocurrency. While mining today’s cryptocurrencies require high-end GPUs and ASICs (along with the large quantities of power needed to run and cool them) and are difficult to profit substantially from for individuals and hobbyists, institutional crypto mining at larger scales has become a lucrative worldwide industry.

Weak and ill-suited to heat dispersion compared to dedicated mining rigs, individual computers and smartphones struggle to mine cryptos, let alone to do it profitably, given their lack of processing power. An app developer or advertiser, however, could employ thousands of individual devices to build a profitable mining operation by exploiting naive or unsuspecting app users. Despite hogging processing power, battery life and ultimately shortening the lifespan of an individual phone or computer from wear and tear, shady developers could still line their pockets with cryptocurrencies, given enough users.

One such case was ArsTechnica’s high-profile coverage of Calendar 2, a cross-platform mobile calendar app that offered users free access to premium features in exchange for “unobtrusive” on-device mining of the popular cryptocurrency Monero. While Calendar 2 at least disclosed the mining, users may not have known of the intensive, performance-robbing toll the feature incurred on their phones.

According to Apple’s updated guidelines, the App Store still allows for legitimate cryptocurrency apps such as those outlined earlier, and even permits cryptocurrency mining as long as the actual mining occurs off-device, clarified in the guidelines’ newly expanded section on cryptocurrencies:

3.1.5 (b) Cryptocurrencies:

(i) Wallets: Apps may facilitate virtual currency storage, provided they are offered by developers enrolled as an organization.
(ii) Mining: Apps may not mine for cryptocurrencies unless the processing is performed off device (e.g. cloud-based mining).
(iii) Exchanges: Apps may facilitate transactions or transmissions of cryptocurrency on an approved exchange, provided they are offered by the exchange itself.
(iv) Initial Coin Offerings: Apps facilitating Initial Coin Offerings (“ICOs”), cryptocurrency futures trading, and other crypto-securities or quasi-securities trading must come from established banks, securities firms, futures commission merchants (“FCM”), or other approved financial institutions and must comply with all applicable law.
(v) Cryptocurrency apps may not offer currency for completing tasks, such as downloading other apps, encouraging other users to download, posting to social networks, etc.