Apple export regulations for Themis

If your application uses Themis and you want to submit it to the Apple App Store, you are required to do the following:

  • Indicate that you're using cryptography when submitting your application for review (select “YES” that your application incorporates cryptography).
  • Send an annual (year-end) self-classification report to the US government to comply with the encryption export regulations.

While filling in the Apple’s form, select “NO” in the Export Compliance section because Themis cryptographic library is exempt from the need for detailed classification. Themis is based on an open-source OpenSSL/BoringSSL library and uses standard publicly available ciphers. Read more in the official Apple export compliance overview and BIS guidelines (you might need to use a VPN to access it).

Submitting an annual self-classification report

The procedure is as follows.

These are the values that most of our customers use in their CSV reports:

ECCN: 5D992.c

AUTHORIZATION TYPE: MMKT

ITEM TYPE: Mobility and mobile applications n.e.s.

NON-U.S. COMPONENTS: N/A

NON-U.S. MANUFACTURING LOCATIONS: N/A

Please see How to file an Annual Self Classification Report by the Bureau of Industry and Security for more details.

Additional resources

For further guidance, use these links: