Keywords: TestFlight | Compliance | Encryption Export Control | Info.plist | ITSAppUsesNonExemptEncryption
Abstract: This technical paper provides an in-depth analysis of the 'Missing Compliance' warning that iOS developers encounter when uploading builds to TestFlight for internal testing. The paper examines the root cause—U.S. export compliance regulations for encryption technologies—and presents two primary solutions: for apps not using non-exempt encryption, adding the ITSAppUsesNonExemptEncryption key with value false in Info.plist resolves the issue; for apps with custom encryption, additional legal documentation and review are required. Detailed code examples and Xcode interface guidance help developers implement compliance configurations effectively.
Problem Background and Phenomenon Analysis
During iOS app development, when developers upload build versions to TestFlight for internal testing, they may encounter a "Missing Compliance" status indication. This typically appears in the App Store Connect management interface, indicating that the current build version does not meet specific export compliance requirements.
Legal Background of Compliance Requirements
This compliance requirement stems from U.S. export control regulations, particularly restrictions on the export of encryption technologies. According to relevant regulations, any software containing encryption functions must undergo compliance declaration when exported. As a U.S. company, Apple must ensure that applications distributed through its platform comply with these regulatory requirements.
Solution Classification
Depending on whether the application uses non-exempt encryption, solutions can be divided into two scenarios:
Scenario 1: Applications Not Using Non-Exempt Encryption
For most applications that do not involve special encryption functions, the issue can be resolved through simple configuration. Specific operations are as follows:
Method 1: Directly Edit Info.plist File
Add the following key-value pair in the project's Info.plist file:
<key>ITSAppUsesNonExemptEncryption</key>
<false/>Method 2: Configure Through Xcode Graphical Interface
1. Open the project file in Xcode
2. Select the target
3. Navigate to the Info panel
4. Add a new Boolean key "App Uses Non-Exempt Encryption"
5. Set the value to NO
Scenario 2: Applications Using Custom Encryption
If the application indeed uses non-exempt encryption technologies, developers need to:
1. Prepare relevant legal documents
2. Submit encryption usage descriptions
3. Wait for review and approval from relevant authorities
4. Only after approval can build versions be selected for testing
Technical Implementation Details
The setting of the ITSAppUsesNonExemptEncryption key directly affects the classification of the application in export compliance reviews. When set to false, the system considers the application to be using exempt-level encryption technologies, thereby simplifying the compliance process.
At the code level, the priority of this configuration is as follows:
// The system first reads the configuration from Info.plist
// If not set, the system attempts to automatically detect the application's encryption usage
// "Missing Compliance" warning appears when automatic detection fails or is uncertainHandling in Testing Workflow
In the TestFlight testing workflow, if developers attempt to select a version with "Missing Compliance" status, the system will pop up a compliance information collection dialog. After selecting the "No" option, the system recommends the Info.plist configuration solution mentioned above.
Historical Background and Implementation Timeline
This compliance requirement was initially announced at the 2015 WWDC conference, but actual enforcement occurred relatively later. Relevant technical details were explained in detail in that year's "What's New in iTunes Connect" session.
Best Practice Recommendations
1. Consider encryption compliance requirements early in project development
2. For applications not using special encryption, recommend adding ITSAppUsesNonExemptEncryption setting in initial configuration
3. Regularly check the latest requirements on export compliance in Apple developer documentation
4. Establish internal compliance check processes within the team to avoid pre-release delays
Common Issue Troubleshooting
If the problem persists after following the above methods, it is recommended to check:
1. Whether the Info.plist file is correctly saved and included in the build
2. Whether the key name spelling is accurate (pay attention to case sensitivity)
3. Whether the build version includes the latest configuration changes
4. Whether there are conflicts with multiple Info.plist files
By correctly understanding and implementing these compliance configurations, developers can effectively resolve the "Missing Compliance" issue in TestFlight, ensuring smooth progression of application testing and release processes.