Is there a way to distinguish physical mouse/keyboard input from remote control mouse/keyboard input on Mac? Or even better, is there a way to detect if my Mac is being remotely controlled?

Inquire the types of notifications that can occur in a SANDBOX environment Hello, WWDC 2024 is trying to conduct a test to receive notifications related to ONE_TIME_CHARGE, CONNSUMPTION_REQUEST, CONMSUMPTION_INFO, REFUND, and REFUND_DECLINED as described in the example of purchasing consumables, but as a result of the continuous search, I found that it is difficult to occur except for ONE_TIME_CHARGE. So, in order to verify only the business logic as shown below, we are testing only the business logic without actually calling the API after purchasing the test and saving the signaled Payload that we received in response to ONE_TIME_CHARGE. Can we actually request a refund for the test purchase and receive the corresponding notification and actually send the response? public void handleSignedNotification(String signedNotification) throws Exception { ResponseBodyV2DecodedPayload payload = signedDataVerifier.verifyAndDecodeNotification(signedNotification); NotificationTypeV2 type = payload.getNotificationType(); //For Apple Server Notification, only ONE_TIME_CHARGE notifications are enabled in the test environment, so for testing, change them as below to test whether they are running business logic type = NotificationTypeV2.REFUND; log.info("Apple NotificationType : {}", type); switch (type) { case CONSUMPTION_REQUEST: handleConsumptionRequest(payload); break; case REFUND: handleRefund(payload); break; case REFUND_DECLINED: handleRefundDeclined(payload); break; // For other necessary notifications, just take a log default: log.info("Unhandled notification: {}", type); } } Regarding the call of 'CONSUMPTION_INFO', which is the response of 'CONSUMPTION_REQUEST' Is there a value that WWDC 2024 must include when sending CONMSUMPTION_INFO, which is the response to CONNSUMPTION_REQUEST described in the refund example? I'm going to call the API with only sample provision and consumption like the sample code you introduced in the video. I was told to submit my refund preference within 12 hours, but can I submit it as UNDECLARED at first and use the method to express my intention? When I receive the notification, I will save it in the DB and save it in the administrator page of the service so that the administrator can choose. 2-1. Some of the materials I looked for are told that Apple can proceed with the refund even 12 hours ago, and to express your opinion as soon as I receive the notification, but I wonder if this is correct. If you get a notification as below, you should write whether you used it or not by referring to the consumption information. I think the customer said to check whether the data was provided when applying for a refund. Should I take it out of decodedTransaction, check the value, and just call it NO_PREFERENCE? I'd appreciate it if you could give me some advice. Below is a part of the code I implemented. private void handleConsumptionRequest(ResponseBodyV2DecodedPayload notification) throws Exception { // 1. transaction ID get String signedTransactionInfo = notification.getData().getSignedTransactionInfo(); JWSTransactionDecodedPayload decodedTransaction = signedDataVerifier.verifyAndDecodeTransaction(signedTransactionInfo); String transactionId = decodedTransaction.getTransactionId(); // 2. Extract the relevant transaction (The following example is an in-app payment and will be accumulated in two types of DBs, stored in one of the two) Sample sample = sampleService.findByAppleTransactionId(transactionId); Example example = exampleService.findByAppleTransactionId(transactionId); Boolean canRefund = false; // 3. Check consumption information if (sample != null) { canRefund = checkSampleStatusForApplePurchaseRefund(sample); } else if (example != null) { canRefund = checkExampleStatusForApplePurchaseRefund(example); } // 4. Create Refund Preferences RefundPreference refundPreference = determineRefundPreference(canRefund); // 5. Creating a ConsumptionRequest Object ConsumptionRequest request = new ConsumptionRequest() .refundPreference(refundPreference) .sampleContentProvided(true); log.info("forTest~ canRefund: {}", canRefund); log.info("forTest~ sample: {}", sample.toString()); log.info("forTest~ example: {}", example.toString()); log.info("forTest~ refundPreference: {}", refundPreference); log.info("forTest~ request: {}", request); // 6. Transfer to App Store (annotated with dummy requests that only confirm current business requests are going right) // appStoreServerAPIClient.sendConsumptionData(transactionId, request); }

Can i, personally, create .pkpass for other companies using my apple developer ID? In order to create .pkpass, I need to create passTypIdentifier and teamIdentifier using apple developer ID Is it okay to create those two identifiers and create coupons or membership cards for other companies? I just wonder if it is against the law or developer guide.

How to encrypt bytes with CCM method in KMP?

Body: Hello, We are currently implementing iOS order verification and have encountered an issue. Some of the receipts we verify return with an empty in_app array, which makes it impossible to determine whether there is a valid in-app purchase. Below is the code we’re using for verification and the result we receive: Code Example: public function iosVerifyReceipt($receipt, $password = '', $sandbox = false) { $url = $sandbox ? 'https://sandbox.itunes.apple.com/verifyReceipt' : 'https://buy.itunes.apple.com/verifyReceipt'; if (empty($password)) { $data = json_encode(['receipt-data' => $receipt]); } else { $data = json_encode(['receipt-data' => $receipt, 'password' => $password]); } $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $result = curl_exec($ch); curl_close($ch); $result = json_decode($result, true); $result = $result ?? []; $result['sandbox'] = $sandbox; if ($result['status'] != 0) { Log::warning('ios verify receipt failed', ['receipt' => $receipt, 'result' => $result, 'sandbox' => $sandbox]); if ($result['status'] == 21007) { return $this->iosVerifyReceipt($receipt, $password, true); } } return $result; } // Order validation check if (empty($result) || $result['status'] != 0) { throw new BadRequestHttpException("Ios Order Verify Error"); } $appItemId = $result['receipt']['app_item_id'] ?? ""; if ($appItemId != MY_APP_ID) { throw new BadRequestHttpException("Ios Order Verify Error"); } $inApp = array_filter($result['receipt']['in_app'] ?? [], function ($item) use ($transactionId, $order) { return $item['transaction_id'] == $transactionId && $item['product_id'] == $order->getProductId(); }); if (empty($inApp)) { throw new BadRequestHttpException("Ios Order Verify Error"); } Array ( [receipt] => Array ( [receipt_type] => Production [adam_id] => * [app_item_id] => * [bundle_id] => * [application_version] => * [download_id] => * [version_external_identifier] => * [receipt_creation_date] => 2025-02-11 04:06:47 Etc/GMT [receipt_creation_date_ms] => * [receipt_creation_date_pst] => 2025-02-10 20:06:47 America/Los_Angeles [request_date] => 2025-02-11 15:54:56 Etc/GMT [request_date_ms] => * [request_date_pst] => 2025-02-11 07:54:56 America/Los_Angeles [original_purchase_date] => 2025-02-11 04:02:41 Etc/GMT [original_purchase_date_ms] => * [original_purchase_date_pst] => 2025-02-10 20:02:41 America/Los_Angeles [original_application_version] => 5511 [preorder_date] => 2025-01-17 21:12:28 Etc/GMT [preorder_date_ms] => * [preorder_date_pst] => 2025-01-17 13:12:28 America/Los_Angeles [in_app] => Array ( ) ) [environment] => Production [status] => 0 [sandbox] => ) Problem Description: • We are noticing that in some orders, the in_app array is returned as empty. This causes difficulty in verifying the presence of in-app purchases. • Our validation logic assumes that if in_app is empty, the order is invalid, but we would like clarification on whether this is correct or if such a scenario is normal under certain conditions. Actions Taken: • We have reviewed Apple’s documentation and other related resources, but no clear explanation is given about when in_app might be empty. • Can we safely rely on an empty in_app array to consider the order invalid, or should we investigate further for potential issues like delays or errors during the verification process? We would appreciate your guidance on how to handle such cases. Thank you for your support!

So what's the point of being able to block unto 50 apps per ManagedSettingStore via store.application.blockedApplications (which works fine) until removing the blocked apps or clearing the store. Where the following occurs if you have a social networking group with more than 9 apps only 9 apps will go back into the group and all the others will go onto the springboard all jumbled if you end up with an empty group then tap into the group, it is removed then during the reset all apps are placed back on to the springboard

We're running into an issue with our pkg bundle where the main .app file disappears after installation and wanted to see if anyone has an idea about what would cause it. We have a pkg bundle with three separate apps, one primary app and two supporting apps. We distribute this pkg bundle directly to our users, who will manually install it on their devices (rather than through the app store). The installation itself will usually complete without any issues, and we aren't seeing anything in the install or system logs indicating that it was removed afterward (our postinstall script checks that all of the files exist and are in the correct locations), but after the installation the main app disappears while the rest of the files (including the supporting apps) we lay down are still present. Sometimes it will fail with an error similar to this: 2024-10-02 09:43:07-04 MBA-L-8114 installer[9894]: Error getting application status info for file:///Applications/.hiddenfolder/app1.app: Error Domain=NSCocoaErrorDomain Code=260 "The file "app1.app" couldn't be opened because there is no such file." UserInfo={NSURL=file:///Applications/.hiddenfolder/app1.app, NSFilePath=/Applications/.hiddenfolder/app1.app, NSUnderlyingError=0x6000026a0d50 {Error Domain=NSPOSIXErrorDomain Code=2 "No such file or directory"}} This only happens on certain computers, but on those computers it will happen consistently. We have noticed that it seems to happen more often with computers that are MDM configured. So far we’ve investigated permissions issues with the build process, installation script issues, and signing/notarizing, but have not found anything that might cause this issue. We did verify that we’re setting BundleIsRelocatable NO in the plist file for our package, so in theory it shouldn’t be trying to move the app after installation (we don't see the main app anywhere on the device so macOS doesn't seem to be moving it). We have another post going into more technical detail here: https://developer.apple.com/forums/thread/769443

Hello, We have implemented In-App Verification using both SMS and mobile app options. While SMS functions as expected, selecting the mobile app for verification in the Wallet app does not open our app on the first attempt. Instead, the verification window simply dismisses. However, if I select "Complete Verification" again and choose the mobile app, deep linking works as expected, and our app opens correctly. This issue occurs with any bank card and app I’ve tested in Wallet. Could this be a bug in the Wallet app where deep linking fails on the first attempt but works on the second?

I encountered a scenario involving a subscription and need to determine if it's a problem or an expected outcome. Here are the details: My service received a notification from Apple of type DID_CHANGE_RENEWAL_STATUS with subtype AUTO_RENEW_DISABLED. The status field received on the payload was equal to 1 - Active. (2024-12-19T15:34:53.801) My service again received a DID_CHANGE_RENEWAL_STATUS with subtype AUTO_RENEW_DISABLED. But the status field received was 2 - Expired. (2024-12-19T23:34:57.527) My service received an EXPIRED with subtype VOLUNTARY notification. (2024-12-19T23:35:01.669) Is the event 2 an inconsistent event? Since we are receiving a notification that means the auto renew was disabled when the subscription was already expired.

How to uninstall/delete Voice Control on macOS so that I can test my app for the case when the initial use of Voice Control causes it to be downloaded from Apple? Is there a folder in the macOS System or Library to delete to force a re-download of Voice Control? My macOS app uses the older NSSpeechRecognizer to handle speech commands, but to use NSSpeechRecognizer required authorization via [SFSpeechRecognizer requestAuthorization...]. I do this and on a macOS system it can trigger a download of Voice Control, the macOS feature. An alert appears with: "A 390 MB download is required to use speech recognition features in MyApp. You may need to quit and open MyApp again after download completes."

Trial Rollout: 652eff3d1bce5442b8d753c9 (ramp:654d29cb7e430f0ea5135e4b namespaces:VISUAL_INTELLIGENCE_RICH_LABEL_I18N) Trial Rollout: 654439cdafbf5b61207873a9 (ramp:65443b27f764584e3e121677 namespaces:SIRI_DATA_SHARING_MTE_OPT_OUT) Trial Rollout: 6090733d1c1e594b6765e603 (ramp:61f1fd4757c72d21f3fd20dc namespaces:WIRELESS_DATA_ANALYTICS_SIS_FR2HARVESTING) Trial Rollout: 63f9578e238e7b23a1f3030a (ramp:64af3a8e3789f0013152c6ea namespaces:SMART_REPLY_ACTIONS_EN) Trial Rollout: 64c17a9925d75a7281053d4c (ramp:64d297de1008ca2fac17a1dc namespaces:SIRI_AUDIO_DISABLE_MEDIA_ENTITY_SYNC) Trial Rollout: 64628732bf2f5257dedc8988 (ramp:651ca4291993407e6d574317 namespaces:) Trial Rollout: 6434420a89ec2e0a7a38bf5a (ramp:64c96f230d0abc3f1813bdab namespaces:) Trial Rollout: 639124e81d92412bfb4880b3 (ramp:63ffdf0ac679dd6bc58280c1 namespaces:SIRI_UNDERSTANDING_TMDC) Trial Rollout: 6246d6a916a70b047e454124 (ramp:6449728db0bf6a06721af761 namespaces:WALLET_APP_ECOM_PAYMENT_SHEET) Trial Rollout: 6425c75e4327780c10cc4252 (ramp:642b12bf4327780c10cc42e5 namespaces:SIRI_HOME_AUTOMATION_INTENT_SELECTION_CACHE) Trial Rollout: 60f8ddccefea4203d95cbeef (ramp:640141a8c679dd6bc5828185 namespaces:) Trial Rollout: 5f72dc58705eff005a46b3a9 (ramp:63d9571c2cb48e1296b0749a namespaces:SIRI_VIDEO_APP_SELECTION) Trial Rollout: 5fb4245a1bbfe8005e33a1e1 (ramp:635c675bc8a2104545a56d45 namespaces:) Trial Rollout: 60356660bbe37970735c5624 (ramp:618b79164b3765609b8b8252 namespaces:) Trial Rollout: 60da5e84ab0ca017dace9abf (ramp:6137762b61217b31102314aa namespaces:) Trial Rollout: 6081ed9716bb6d61d81d5014 (ramp:67953013d0a7cc3ee9718297 namespaces:BIFROST_PROD_1) Trial Rollout: 601074e4af9bef000c169ea8 (ramp:67953105c871785bbdefd35c namespaces:BIFROST_DEV_1) Trial Rollout: 6761d0c9df60af01adb250fb (ramp:6788a4224ebe024683e5aa2e namespaces:)

Subject/Title: Critical SKAdNetwork Attribution Failures (Bug Type: 237, Failure Type: 1201 in ASDErrorDomain) Issue Summary We are encountering repeated SKAdNetwork attribution failures (failureType: 1201 in ASDErrorDomain) for ad impression events processed through the ad network mj797d8u6f.skadnetwork. These failures are causing significant revenue losses, as ad impressions are not being properly attributed to installs. The issue occurs across multiple campaigns and involves both SKAdNetwork API 3.0 and 4.0, suggesting a systemic problem with attribution validation or network communication. This problem is critical as it disrupts advertisers’ ability to track conversions, optimize campaigns, and allocate budgets effectively. Technical Details Key Logs: Below are anonymized samples of the failed SKAdNetwork events: Log Sample 1 (Failure): { "bug_type": "237", "timestamp": "2025-01-07 22:49:15.00 -0500", "os_version": "iPhone OS 18.2.1 (22C161)", "roots_installed": 0, "incident_id": "78523BD9-1F58-4738-B526-8A8A63203214" } { "advertisementStoryId": "3D2E7EBB-1A57-4DF8-9375-2C465F423038", "apiVersion": "3.0", "eventType": "adImpression", "resultType": "finalized", "anonymous": true, "failureType": 1201, "failureDomain": "ASDErrorDomain", "clientEventId": "0F456623-584F-4913-BBD3-C3FD1219D104", "os": "iOS", "topic": "xp_amp_skad_perf", "adType": "app", "adNetworkId": "mj797d8u6f.skadnetwork", "eventTime": 1736305200000, "osBuildNumber": "22C161", "hardwareFamily": "iPhone", "api": "SKAdNetwork" } Log Sample 2 (Failure): { "bug_type": "237", "timestamp": "2025-01-07 22:49:15.00 -0500", "os_version": "iPhone OS 18.2.1 (22C161)", "roots_installed": 0, "incident_id": "0CBF612D-F0D9-449E-A34E-DE2DB92BEC0D" } { "advertisementStoryId": "946E568C-D2C1-478F-BFF3-4996C48F9B39", "apiVersion": "3.0", "eventType": "adImpression", "resultType": "finalized", "anonymous": true, "failureType": 1201, "failureDomain": "ASDErrorDomain", "clientEventId": "1A3D48FB-4452-4FD8-BB25-1195470A53DC", "os": "iOS", "topic": "xp_amp_skad_perf", "adType": "app", "adNetworkId": "mj797d8u6f.skadnetwork", "eventTime": 1736298000000, "osBuildNumber": "22C161", "hardwareFamily": "iPhone", "api": "SKAdNetwork" } Log Sample 3 (Success Example for Comparison): { "bug_type": "237", "timestamp": "2025-01-07 22:49:15.00 -0500", "os_version": "iPhone OS 18.2.1 (22C161)", "roots_installed": 0, "incident_id": "BFEAC86B-8195-4DB0-96FF-2028107256AD" } { "advertisementStoryId": "946E568C-D2C1-478F-BFF3-4996C48F9B39", "apiVersion": "3.0", "eventType": "adImpression", "resultType": "finalized", "anonymous": true, "clientEventId": "F6265488-E0FB-448A-A406-3F7254BCA9D7", "os": "iOS", "topic": "xp_amp_skad_perf", "adType": "app", "adNetworkId": "mj797d8u6f.skadnetwork", "eventTime": 1736294400000, "osBuildNumber": "22C161", "hardwareFamily": "iPhone", "api": "SKAdNetwork" } Failure Details: Failure Type: 1201 Failure Domain: ASDErrorDomain Ad Network ID: mj797d8u6f.skadnetwork API Versions Affected: 3.0, 4.0 Timeframe of Failures: All logs occur within 2025-01-07 22:00:00 UTC to 23:00:00 UTC. Environment: OS Version: iOS 18.2.1 (Build 22C161). Device Type: iPhone (hardwareFamily: iPhone). App Configuration: Includes the ad network ID in the Info.plist under SKAdNetworkItems. Impact Details Financial Loss: Based on failure rates, we estimate $20–$65/day per advertiser for small campaigns and $75–$375/day per advertiser for larger campaigns. If 100 advertisers are affected, daily losses range from $2,000–$37,500. Over a week, losses could exceed $70,000 to $262,500 or more. Operational Impact: Advertisers cannot track installs or optimize campaigns, leading to inefficient ad spending and potential budget reallocation to other networks. Damaged trust between advertisers and the ad network. Reputation Risk: Continued failures harm the credibility of the SKAdNetwork framework, critical in a post-ATT (App Tracking Transparency) ecosystem. Steps to Reproduce Serve an ad impression through the ad network mj797d8u6f.skadnetwork. Monitor SKAdNetwork attribution for that impression. Observe repeated failures (failureType: 1201) despite the resultType: finalized status. Recommendations for Investigation Attribution Timeout: Verify if these failures stem from delayed responses or missed attribution windows. Ad Network Configuration: Confirm the ad network’s integration complies with SKAdNetwork API 3.0 and 4.0 requirements. Infrastructure Review: Investigate potential bottlenecks or failures in Apple’s attribution servers (ASDErrorDomain) or communication delays. Contact Details Name: [Your Full Name] Role: [Your Role] (e.g., Ad Network Analyst/Developer) Organization: [Your Company Name] Email: [Your Email Address] Phone: [Your Phone Number] Submission Instructions You can submit this report via the following channels: Apple Feedback Assistant: https://feedbackassistant.apple.com/ Bug Reporting Tool: https://developer.apple.com/bug-reporting/ Apple DTS: https://developer.apple.com/support/technical/

Greetings! I was reviewing the documentation for the Apple Store Server Notification v1 APIs and saw the deprecation notice. We are currently unable to migrate to v2 in the near future. With that in mind, I want to know if there were any plans to shut off v1, and if so, was there any timeline we could expect? Thank you in advance. Reference: https://developer.apple.com/documentation/appstoreservernotifications/app-store-server-notifications-version-1

Is it possible to display a live activity on the lock-screen without a dynamic island? Or at least without expanding the dynamic island more than just for a small icon? struct SomeWidgetLiveActivity: Widget { var body: some WidgetConfiguration { ActivityConfiguration(for: SomeAttributes.self) { context in } dynamicIsland: { context in DynamicIsland { DynamicIslandExpandedRegion(.leading) { // Seems to be mandatory, any way around it? } } compactLeading: { } compactTrailing: { } minimal: { } } I couldn't quite find a way. Thank you

Hello, I could not find where I can change the sellers name. Why is the first letter always capitalized? Do I have to change it via Developer-Account or App-Development or Payment-Provider?

I purchased an iPad Pro M4 in early December, and since day one, I’ve been experiencing a recurring issue. Almost every day, at random times, the device freezes for 1–5 minutes and then restarts itself. The tablet is not under heavy load when this happens — I mainly use it for light tasks such as watching videos in a player or Safari browser, web surfing, and reading books. The issue has even occurred while the iPad was idle and locked; it froze, displayed the Apple logo, and rebooted. I brought the device back to the store where I purchased it, and they sent it for a diagnostic check. However, the experts concluded that the device is fully functional, and no defects were found. After one of these crashes, I noticed that my Apple Pencil started lagging (see video file IMG_5688.MOV). However, after another reboot, the issue with the Apple Pencil resolved itself. I’ve documented the issue with several video recordings showing the freezing and rebooting behavior, as well as error logs generated after such incidents. Device Details: Model: iPad Pro M4 Usage: Light tasks only (video streaming, web browsing, reading) Environment: No overheating, no resource-heavy applications running What could be causing this issue, and how can I resolve it? Any help would be greatly appreciated. Thank you! P.S. I’ve uploaded all the device logs and videos demonstrating the issue to Google Drive. https://drive.google.com/drive/folders/1_R0i_iazADWo5EgStrPdgmf1XjgPP_RC?usp=sharing

I am trying to use the NFCTagReaderSession to SELECT the master file of a ISO 7816 smartcard by sending a corresponding NFCISO7816APDU after connecting to the card, but I am running into errors: Error Domain=NFCError Code=2 "Missing required entitlement" UserInfo={NSLocalizedDescription=Missing required entitlement} Error Domain=NFCError Code=103 "Session invalidated" UserInfo={NSLocalizedDescription=Session invalidated} I know that in order to communicate with a NFCISO7816Tag I need to declare the supported AIDs in the Info.plist, but what am I supposed to declare here?

I am having issues loading in a mapkit snapshot. I get an error saying that https://domain.com and they're expecting domain.com. I have no idea what could be going wrong here. I set the domains properly in the mapkit tokens. When I click on the link it opens a new tab and loads what the data properly, but somehow in the application on production this error comes up.

In all the illustrations of win-back offers, I see an example of "Get 3 months off, then $X/month", as seen below. First, I'm not exactly clear how each configuration translates into an actual offer in practice: If I want to offer 3 months off on an annual subscription, ie. only if the user pays for the annual offer (basically a 25% discount), is that possible? If I set a "Free" type, of 3 months, I guess that would allow the user to cancel before paying for the annual, correct? If I set a "Pay up front" type, with a 25% discount, how would that show up to the user on the App Store? Secondly, is eligibility to an offer determined by the user elapsing on the same subscription or any subscription in the same subscription group? Thank you

I have been struggling to test the IAP response but it is returning empty. I am now in the very beginning of one app, and I don't want to submit the contacts and banking and tax stuff that early. are these necessary for even testing IAP results locally? I think it does not make sense if I have to.