LIFX Developer Zone

App Store Rejection / Permission from LIFX

Sounds crazy (but typical for Apple) and I’m wondering if anyone else has encountered this issue. After six years and 100 updates to my app, App Review chose this one random minor bug fix release to reject my app because they want proof of permission to control LIFX bulbs. Here’s the text from App Review:

Your app includes content or features from Philips hue, LIFX, & WeMo, or is marketed to control external hardware from Philips hue, LIFX, & WeMo, without the necessary authorization. The inclusion of third-party content within your app, whether retrieved from the internet by the app or embedded in the app, is subject to the terms of the Apple Developer Program License Agreement.

Your app and its contents should not infringe upon the rights of another party. In the event your app infringes another party’s rights, you are responsible for any liability to Apple because of a claim.

Next Steps

To resolve this issue, please attach documentary evidence in the App Review Information section in App Store Connect. In accordance with section 3.2(f) of the Apple Developer Program License Agreement, you acknowledge that submitting falsified or fraudulent documentation can result in the termination of your Apple Developer Program account and the removal of your apps from the App Store. Once Legal has reviewed your documentation and confirms its validity, we will proceed with the review of your app.

Obviously LIFX gives permission to 3rd party developers to control the bulbs, otherwise there wouldn’t be a whole SDK, but technically I see their point. Some hardware company out there has some product that wouldn’t want 3rd party control I suppose. Has anyone dealt with this before, or have specific documentation/links to show our app ecosystem is legit? Is anyone from LIFX reading this and have any such documentation/links? Unfortunately this is bad timing as my 3.3.1 release was supposed to be a nice bug fix update timed with iOS 13 coming out in a few days, so it’s really annoying for App Store Review to pull this stunt right now. I should mention that all my artwork is custom-drawn (I use no images, since I want all my bulb icons to always reflect the current color/fades of each bulb) so the issue really just seems to be the permission to control the bulbs themselves and mention in my marketing material that LIFX bulbs can be controlled.

@daniel_hall any tips?

Hi @lightbow,

That’s really surprising. Given our documentation is public we don’t require any authorization or certification (apart from the LIFX bulb owners of course) before controlling them. Here is a statement though that you can use in support of your app.

To Whom It May Concern,

The developers of the Lightbow app for iOS are authorized to control LIFX hardware under the LIFX Developer Zone Terms of Use (https://www.lifx.com/pages/developer-terms-of-use).

Any questions regarding this authorization can be directed to Daniel Hall <daniel.hall@lifx.com>


Thanks,
Daniel Hall
Developer Advocate
LIFX

Feel free to copy that response to them, or direct them here. I’m happy to email them to you or Apple as well. Private message me any email addresses you’d like it sent to.

1 Like

It’s neither surprising, nor crazy when you consider the following:

  • Lots of IoT devices are being exploited through unexpected vendor vulnerabilities
  • Apple tends to be very conservative about supporting other walled garden environments
  • Apple probably hasn’t researched the openness of LIFX and has basically asked you to provide the relevant pointers to show that they are an open platform.
  • Your earlier updates occurred before the wide knowledge of vulnerability of various ESP8266-based lighting products (especially a collection from a variety of vendors that depended on one particular Chinese cloud company and their IoT development/support platform) which opened up OTA firmware updating to anyone smart enough to properly war-drive the bulbs in question with a very weak key that was trivially compromised and then publicized). This one vulnerability, btw, affected not only lights from several vendors, but also “smart sockets”, “smart switches”, and a variety of other household control devices.

Overall, I’m glad to see Apple paying more attention to this. I understand how it’s inconvenient for you this one time, but think about the possibility if Apple didn’t start doing this and someone released a firmware-updater that re-flashed millions (or billions) of ESP8266 chips in light-bulbs to do their bidding. It would make some of the previous camera-based bot armies look like a light infantry squad.

Thanks for sharing that! It sucks and it’s silly unless they are doing it for all SDK’s controlling ANYTHING out in the world. That would involve a very large number of apps. I’m assuming this issue is likely to happen to OnSwitch on our next update. I’m concerned that a digitally copied letter from Daniel (or similar from Walter over at Philips) may not be enough verifiable proof for them. The Apple AppStore gods are capricious.

If my letter is not enough then ask them what they suggest. I’m sure we can find a good solution.

Hey Daniel, I need one of those letters now also. I’ve received the same silly app store rejection. We submitted about 3 or 4 releases before getting this same thing.

Can you write me an OnSwitch specific letter, or let me know if there’s link that shows we are authorized developers?

Thanks,
HOWIE COOPERSTEIN
CEO, Buzzhaus, LLC

Hi Howie,

Here is your letter, try linking Apple to this site and provide the text. I’ve yet to hear back from @lightbow if the letter worked in their case, but if it doesn’t, post here and we will sort something out.

To Whom It May Concern,

The developers of theOnSwitch app for iOS are authorized to control LIFX hardware under the LIFX Developer Zone Terms of Use (https://www.lifx.com/pages/developer-terms-of-use 3).

Any questions regarding this authorization can be directed to Daniel Hall daniel.hall@lifx.com


Thanks,
Daniel Hall
Developer Advocate
LIFX

1 Like

Linking my response to Apple here.

Hi everyone, just to report back, I was eventually able to get my updates through App Review after submitting a letter from both Philips and LIFX. @daniel_hall thank you so much for the quick turnaround, I really appreciate it. Unfortunately, I received no additional communication from Apple, so have no idea whether this will be a problem in the future.

For what it’s worth, I’ve been contacted by another developer (who saw this post), who wrote an app that has nothing to do with lighting (something about LG TV streaming), and they’re also going through a sudden roadblock in the App Store review process. I imagine there was some bad actor out there improperly interfacing with some hardware device outside the official terms of service, it was reported to Apple, and now Apple is tightening up their policies. As usual, this comes with no coordinated communication or process so we’re the collateral (albeit temporary) damage.

2 Likes

Same here. We submitted our release with a link to this letter and another for Hue and it it went through today. Thanks!

1 Like