I don't believe iOS app reviewers actually do any of that, even if on paper they do.

> CEO Tim Sweeney said he believes those should be “super super minor fees”

He seems to be ignoring the part of the ruling finding that Apple is entitled to "some compensation" for the use of its intellectual property.

> The appeals court recommends that the district court calculate a commission that is based on the costs that are necessary for its coordination of external links for linked-out purchases, along with "some compensation" for the use of its intellectual property. Costs should not include commission for security and privacy.

https://www.macrumors.com/2025/12/11/apple-app-store-fees-ex...

Apple wanted 27% and Epic thinks it should be 0%. The lower court will have to pick a number in between the two.

Epic founder and CEO Tim Sweeney said he believes those should be “super super minor fees,” on the order of “tens or hundreds of dollars” every time an iOS app update goes through Apple for review. That should be more than enough to compensate the employees reviewing the apps to make sure outside payment links are not scams and lead to a system of “normal fees for normal businesses that sell normal things to normal customers,” Sweeney said.

Tens to hundreds every time an app goes through review is "super supor minor"... This is how you know Epic has the backs of all the indie devs who fret about $100/year dev membership.

But Apple does not currently constantly check apps for changing links. I see no change here.

> I would think making sure outside payment links aren’t scams will be more expensive than that because checking that once isn’t sufficient. Ignoring the fact Apple isn't doing that anyway right now as others have pointed out: There are multiple ways to make sure of that without it costing any significant money, eg hashing all scripts that are served on the link and making sure they're the same since review.

Not that they'd ever do the review to begin with, so the hashing won't be done either, but it's something that could be done on iOS/ipados.

And if you consider that infeasible, you might want to check out current CSP best practices, you might be surprised

This isn't about whether Apple allows outside payment links or not. It's about whether Apple takes a percentage cut from outside payments.

Is Apple actually checking outside payments for scams outside of review times? Do they check non-payment links for scams outside of review times? How often?

The point is that they should only be able to charge a fee for work they are truly doing, and it shouldn't be retaliatory.

> I guess only large companies will be able to afford providing an option for outside payments

https://store.epicgames.com/en-US/news/introducing-epic-web-...

Hundreds of dollars just to push an app update would be devastating for many solo developers.

Apple can just do it like credit card companies: chargebacks. Plus kick offenders out of the store. No need to check anything in advance.

Wouldn't that incentivize smaller developers not to update their apps unless absolutely necessary?

> I would think making sure outside payment links aren’t scams will be more expensive than that because checking that once isn’t sufficient.

According to the ruling on page 42, "(c) Apple should receive no commission for the security and privacy features it offers to external links, and its calculation of its necessary costs for external links should not include the cost associated with the security and privacy features it offers with its IAP"

> I would think making sure outside payment links aren’t scams will be more expensive

On average, Apple spends less than a minute on app reviews for new versions.

Spreading FUD as a marketing move will surely come free with this. It works just too well with Apple.

> I would think making sure outside payment links aren’t scams will be more expensive than that

You really think that the aggregate cost of fraud mitigation in the app store is 30% of revenue? That seems laughable, the credit card industry as a whole does far, far better than that with far less ability to audit and control transaction use.