APPLE IOS 17.4 - WHAT’S CHANGING?

With the introduction of iOS 17.4 at the beginning of March, important functions were changed due to a directive issued by the EU (Digital Markets Act). Here is a brief overview of the most important changes and their significance for mobile device management in companies. It affects all users with an Apple ID from the EU.

Sideloading of apps from alternative app stores

The EU requires Apple to allow alternative app sources in addition to the App Store. However, this does not mean direct sideloading of apps via external websites. Instead, users can download alternative marketplaces and use them as a distribution platform.

Restrictions on marketplaces on the part of MDM systems are currently not possible. Apple has currently announced corresponding settings for the launch of iOS 17.4, which are expected to be adapted by MDM manufacturers in the short term.

The only option currently available is to allow the installation of specially defined applications via a whitelist. In addition, the public App Store can be deactivated on iOS devices to make only the applications available in the company App Store visible to end users. These options are only available for managed devices. Up-to-date information on the new parameters can be found in Apple’s developer documentation under the keyword “allowMarketplaceAppInstallation”.

Allow additional browser engines

With iOS 17.4, users can select other default browsers in addition to Safari and even allow third-party providers to use their own browser engines. The use of the Safari browser is currently recommended, although alternative browsers can be controlled by EMM via blacklists or whitelists.

After installing iOS 17.4, the user will be prompted to select a new default browser. We recommend adapting the user documentation accordingly.

Opening up the NFC interface

Apple is opening up the NFC chip to banks and financial service providers to enable payments via their own apps. Security is guaranteed by compliance with industry standards. Currently, no restriction by EMM is possible, but unwanted use of the NFC chip can be controlled via blacklists or whitelists.

Conclusion

These innovations can have a significant impact on the use of iOS devices in companies. It is therefore important to pay attention to them and to check promptly whether there is a need for action.

We recommend blocking the update to iOS 17.4 with the appropriate settings until the options for controlling the new functions in the MDM systems are available. All of Apple’s changes in relation to the Digital Markets Act can be found at https://developer.apple.com/support/dma-and-apps-in-the-eu.

If you have any questions or require assistance with implementation, please do not hesitate to contact us.

Update 07.03.2023: Jamf has already provided an update and offers suitable Profiles to restrict the use of alternative AppStores.