App Store Review Guidelines 5.1.1 (ix) - Account delete requirement for banking apps

Privacy & Security General
cr2devops OP
Created Oct ’21
Replies 7
Boosts 1
Views 6.8k
Participants 11

I would like to clarify the scope of section 5.1.1 (ix) of the app privacy policy, related to account sign-in.

             "If your app supports account creation, you must also offer account deletion within the app."

I understand that this will take effect from January 2022 https://developer.apple.com/news/?id=mdkbobfo

Is there an exception for financial apps that include account creation / registration (e.g. banking apps)?

The objective of the policy change seems to be to offer users a convenient and transparent option of unregistering from a service and deleting any related data. However, deleting a login for a banking app has more implications than just de-registering from the service (e.g. what to do with account balance, regulatory requirements may apply). Therefore direct interaction between the app user and the financial institution is likely to occur irrespective of any in-app options.

Would either of these options be sufficient to comply with the iOS App Privacy Policy?

Option 1 - include within the app a link to, or summary of, the bank's policy on how to close an account (e.g. contact bank directly over telephone, email, or in person).

Option 2 - deactivation of login access via the mobile app (vs full closure of account).  If so, does the deactivation have to be performed within the app itself or could it be performed on a similar basis to account closure? (e.g. over telephone/email).

Replies  7
Boosts  1
Views  6.8k
Participants  11
Claude31 OP
Oct ’21

To propose such an app you must be a banking organisation ; so I suppose you are.

Do you create the bank account within the app ? Or do you just provide an access to the account ?

My understanding is that you have to allow delete from the app what you created from the app.

0
sanHose3 OP
Dec ’21

I am also interested in whether it is necessary to delete the user in the banking application. Can anyone know the answer to this question?

0
notapro1234 OP
Jan ’22

I have a set of questions about the same subject.

  1. Can the account deletion be limited to accounts that have a zero balance of funds?
  2. Can the account deletion be in a webview?
  3. Does the user's access need to be removed during the deletion process?
  4. What about data retention requirements due to contractual and regulatory reasons?
  5. If there's both a master account and sub-accounts can we limit the deletion to the sub-accounts that actually hold funds?
  6. Can we maintain the account information to provide tax and other regulatory documents?
0
MobileTen OP
Jan ’22

Someone in Apple certainly doesn’t understand how banking institutions function! I think there should be push back on this from banks because any solution is going result is a call to a call center that is going to go no where when someone has a mortgage, and other owed balances and this nonsense of giving the customer the illusion they can just delete their account was not planned out properly by Apple.

2
burakcalik OP
Jan ’22

I think the real purpose is to delete the personal data. So you can keep the financial data, and that data can be associated to an account, but that account should not contain any personal information after the account deletion. That means the account owner must be unknown / no one.

Thats what I understand.

0
Ahmed_Galal OP
May ’22

Almost a month remaining, Does anyone has a clear input on this mandates for banking apps, especially that deleting banking accounts is somehow restricted and Central Bank regulations is to be considered when applying such actions.

1
mcpracht OP
Jun ’22

why is there no statement to this?!

0
App Store Review Guidelines 5.1.1 (ix) - Account delete requirement for banking apps
First post date Last post date
 
 
Q