Walk the Line: iOS Account Deletion

Dec 14th, 2022 • Development • Nick Wilkinson

If you have a strong fear of rejection, developing apps might not be for you.

Apple’s App Store review team rejects apps pretty regularly. Resolving the underlying issue usually isn’t a big deal, but every once in a while, and generally when a deadline is looming, Apple’s decision won’t have a clear fix.

“We noticed that your app supports account creation but does not include an option to initiate account deletion that meets all the requirements…. The process for initiating account deletion must provide a consistent, transparent experience for App Store users.”

Seems reasonable – but what exactly does App Review consider sufficiently consistent and transparent?

A Rule is Born

Since June 30, 2022, any app submission to Apple’s App Store that lets users create an account has also had to provide an easy way for users to initiate the deletion of their account within the app. Sounds good in theory: if you provide data about yourself to a company, you should have a way to delete that data. It’s your data, after all.

For the various apps we maintain, we’ve successfully built flows for users to delete their account based on our understanding of Apple’s new rules. In one case though, our approach didn’t meet App Review’s internal requirements. Apple’s public support documentation offers some high-level guidance, but when a service needs IRL coordination among human beings to close an account, as was the case in our situation, Apple’s guidelines don’t specify how exactly account deletion is meant to work.

Having a firm handle on what App Review requires is part of our job. These rules can impact all the apps we build and support. And as we’ve seen in the past, there’s a difference between Apple’s public high-level guidelines and their evolving, private enforcement standards. Considering the interwoven nature of our project timelines, budgets, client expectations, and work assignments, throwing unpredictable and ambiguous rejections into the mix could trigger the Steamclock-verse to fold in on itself. We needed to get ahead of this to trace out how Apple enforces standards to avoid playing a guessing game every time we submit an app for review.

In other words — where is Apple’s line?

A bad example of UI that makes it hard for users' to delete their accounts, reading 'Are you sure you'd like to delete your account? We hate to see you go! But if you must, please submit: a doctor's note, a copy of your birth certificate, a 1,500 word essay about why you're leaving us'

Whatever Apple's line is, it is most certainly not this.

The Descent

We started by diving into Apple’s guidelines:

Make the account deletion option easy to find.

No problem. ✅

Only offering to temporarily deactivate or disable an account is insufficient.

Got it. ✅

Can I direct users to a customer service flow to complete account deletion? It depends.

Hmm. 🤔

If my app links out to the default web browser for account creation, does it still need to offer account deletion within the app? Yes, and linking out to the default web browser for account creation is not appropriate as per our other guidelines.

So… yes, but I shouldn’t be allowed to get into this situation? 😅

Next, we turned to developer blogs and forums, hoping to come across some clarity or hard-won lessons about how others handled account deletion. Instead, we found a wasteland of confusion, despair, and unanswered questions.

“If App Store reviewers delete the pre-configured test accounts we provide them with, how will they be able to complete their review?”

“If all user data tied to an account has to be deleted, how should users be prevented from “gaming” free trial offers?”

“For apps where an Admin creates a skeleton account and provides a deep link to Users so they can finish setting things up on mobile, should the Admin or the User be authorized to delete the account? Both? What even is the account?”

The rabbit hole goes deep, my friends.

A New Hope

Around this same time, we caught wind of the Ask Apple event where registered developers could sign up to… ask Apple things. Direct, technical interaction with Apple’s team is generally only available during WWDCs, so this had the potential to be a perfect opportunity to not only vet a solution for our rejection, but also to get a handle on how we should approach account deletion flows more generally across all our apps.

We were concerned that our one-on-one session might just result in a spoken-word version of Apple’s public guidelines. To our delight, a member of Apple’s review team took the time to provide thoughtful answers to all our questions, from the ultra-granular to the hypothetical. Our review of the Ask Apple program: five stars.

Considering that Apple’s detailed enforcement standards need to evolve to keep pace with new edge cases as they arise, it would have been unrealistic to expect App Review to give us a detailed map of the dos and don’ts of account deletion. However, we did come away from our call with enough data to sketch out our own guidelines for increasing the likelihood of receiving timely, successful approvals. At a high level:

  • Focus on the user’s experience, obvs. No matter what kind of elaborate acrobatics need to happen behind the scenes to actually delete an account, how simple can initiating account deletion be made for the user? Be ruthless. Can the user trigger the process with one tap plus confirmation?

  • Over-communicate with the user. Must the user coordinate some real-world logistics before you can delete their account? Tell them what they’ll need to do. Is it going to take a few days for the user to hear back about next steps? Tell them so. Are you legally required to retain some records even after the account has been deleted? Tell the user what needs to be kept and for how long.

  • Over-communicate with Apple. Make the reviewer’s job easy. Include notes and video with the app submission detailing the deletion process from the user’s perspective. If deleting a pre-configured test account will potentially break the review process, explain the situation in your accompanying notes or video.

  • Start with the end in mind. When prioritizing features for a new app development project, make sure account deletion is considered at the same time you’re working through the details for account creation. If account deletion is going to require manual steps, life will be a lot easier if you can nail that process down up front. This may be a tall ask, but better to have these details sorted out well in advance of the final countdown to your app’s launch.

  • Be a great artist and… copy. Are you unsure of how to approach account deletion for a particular use case? Find apps with a business model that’s roughly similar to yours and build off their approach. Wealthsimple, Netflix, Instagram, and Ridwell (one of our apps!) all provide insight into how account deletion can work for different business models.

  • Plan for the worst-case scenario. In the event that your app’s account deletion flow does get rejected for reasons that are less than clear, despite your best efforts, make sure you have enough time in your schedule (a week or two, if you can afford it) to reach out to App Review for a conversation about what adjustments you should focus on to get their thumbs up.

The Day After Tomorrow

We set out on this journey to figure out what Apple considers consistent and transparent, given that their processes aren’t… consistent or transparent. In the end, Apple’s line can’t be pinned down, at least not exactly. But by staying focussed on building resilient processes, we can increase the likelihood of keeping pace with that line as it wriggles its way into the future.

A good example of UI that shows clear steps in deleting one's account, reading 'Are you sure you'd like to delete your account? We'll reach out in 1-2 business days to coordinate the deletion of your account data

Clear communication with the user always wins.

Nick Wilkinson • Client Partnerships Manager

Almost half of Nick’s accounts were deleted in the making of this post.