I've seen similar questions regarding the Export Compliance Information encryption question when uploading an app with App Store Connect, but I'm still looking for a straight answer for my question. I am uploading an iOS app and have to answer the following question:
Export Compliance Information
Does your app use encryption? Select Yes even if your app only uses the standard encryption within Apple’s operating system.
My app has a login page that uses email and password credentials to allow users to log in if they are a user in my Firebase Authentication section of my Firebase project. I found that Firebase Authentication uses hashing for user passwords, but my question is does the inherent encryption that is part of Firebase mean I should answer yes? Or should I say no, given that I don't implement any encryption of my own. My project also uses Cloud Firestore to store client data inputted through the app.
Update: I realize encryption and password hashing are two completely separate forms of security, but my question still stands regarding info stored with Cloud Firestore.
The Firebase SDK, which is running in your app, connects to the Firebase servers over HTTPS so your app does use encryption. The encryption used is exempt so you don't need to upload any documentation to App Store Connect, but you do need to submit a year-end self-classification report.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With