How to Fill App Encryption Information in Info.plist

App Store Connect asks about encryption when you upload a build to TestFlight or submit a version for App Review. If the answer never changes, put the encryption declaration directly in your app’s Info.plist. This prevents the same export compliance questionnaire from appearing on every upload.

The key you usually need is ITSAppUsesNonExemptEncryption. The name is easy to misread: it does not ask whether your app uses any encryption at all. It asks whether your app uses non-exempt encryption.

For most apps, the decision looks like this:

• Set ITSAppUsesNonExemptEncryption to NO / false if the app uses no encryption, or only encryption that is exempt from export compliance documentation.
• Set ITSAppUsesNonExemptEncryption to YES / true if the app uses non-exempt encryption.
• Add ITSEncryptionExportComplianceCode only after Apple approves your export compliance documentation and gives you the code.
• If you omit ITSAppUsesNonExemptEncryption, App Store Connect can ask the encryption questions every time you upload a new build.

Common examples that often fit false include apps that only use HTTPS through Apple’s networking APIs, Keychain, CryptoKit, Security framework APIs, CloudKit, StoreKit, Sign in with Apple, or other encryption limited to Apple’s operating system. Verify this if your app ships a third-party SDK that implements its own cryptography.

Open the app target in Xcode:

1. Select the project in the navigator.
2. Select your app target.
3. Open the Info tab.
4. Add a new custom property named App Uses Non-Exempt Encryption.
5. Set the type to Boolean.
6. Set the value to NO or YES.

Xcode writes this as the raw Info.plist key ITSAppUsesNonExemptEncryption.

For this Boolean key, NO means false, and YES means true.

If your app does not use non-exempt encryption, set NO in Xcode. The raw plist entry should be:

<key>ITSAppUsesNonExemptEncryption</key>
<false/>

If your app does use non-exempt encryption, set YES in Xcode. The raw plist entry should be:

<key>ITSAppUsesNonExemptEncryption</key>
<true/>

Make sure the value is a real Boolean, not the string "NO", "YES", "FALSE", or "TRUE".

Use NO in Xcode, or false in the raw plist, when the app either does not use encryption, or uses only encryption that Apple treats as exempt from export compliance documentation.

Typical cases:

• the app connects to your backend over HTTPS;
• encryption is limited to APIs provided by iOS, iPadOS, macOS, watchOS, tvOS, or visionOS;
• the app stores credentials in Keychain;
• the app uses Apple frameworks for authentication, purchases, iCloud, CloudKit, or push notifications;
• third-party SDKs do not add their own non-exempt encryption.

This is the most common setup for a normal consumer app that talks to an API over TLS and does not implement its own security layer.

Use YES in Xcode, or true in the raw plist, when the app uses non-exempt encryption. This can include cases where the app contains or links encryption that is not limited to Apple’s operating system, uses proprietary or unpublished cryptography, or requires export compliance documentation based on the App Store Connect questionnaire.

Examples that need extra review:

• a VPN, secure messaging, password manager, encrypted storage, security, or antivirus app;
• proprietary or non-standard encryption algorithms;
• bundled crypto libraries such as OpenSSL, libsodium, or a custom cryptography module;
• industry-standard algorithms implemented outside Apple’s operating system;
• features where encryption is a primary product capability.

If App Store Connect says documentation is required, upload the requested documentation before submitting the build for TestFlight review or App Review.

When documentation is required, App Store Connect can provide a code after the export compliance documentation is approved. Put that value in ITSEncryptionExportComplianceCode.

<key>ITSAppUsesNonExemptEncryption</key>
<true/>
<key>ITSEncryptionExportComplianceCode</key>
<string>YOUR_APPROVED_CODE</string>

Do not invent this value. It must be the code Apple provides after reviewing your documentation.

If the app’s encryption status is unclear, answer Apple’s questionnaire first:

1. Open App Store Connect.
2. Select the app.
3. Open App Information.
4. Find App Encryption Documentation.
5. Click the add button and answer the questions.

You can also click Manage next to a build that is missing encryption information on the TestFlight or Distribution screen.

Once App Store Connect confirms that no documentation is required, set ITSAppUsesNonExemptEncryption to NO / false. If documentation is required, upload it, wait for Apple’s review, attach the approved documentation to the build if needed, then add the compliance code to Info.plist.

The value must be in the plist that is actually bundled into the uploaded app. If App Store Connect still asks the same encryption questions, check these issues:

• the key was added to the wrong target;
• the Release configuration uses a different Info.plist;
• a build script generates or overwrites the plist during archive;
• the key was added as a string instead of a Boolean;
• the build was uploaded before the plist change;
• ITSAppUsesNonExemptEncryption is YES / true, but the required documentation has not been approved or attached.

For React Native, Flutter, Unity, and other cross-platform projects, edit the iOS app target’s final Info.plist, not only the framework-level config file.

Many apps only call a backend over HTTPS and use Apple frameworks for local storage, purchases, notifications, and authentication. For that case, the usual plist entry is:

<key>ITSAppUsesNonExemptEncryption</key>
<false/>

After uploading a new build with this key, App Store Connect should stop asking you to answer the export compliance questionnaire for every submission, as long as your app’s encryption behavior does not change.

• ITSAppUsesNonExemptEncryption
• ITSEncryptionExportComplianceCode
• Overview of export compliance
• Determine and upload app encryption documentation
• Export compliance documentation for encryption