iOS export compliance

I successfully uploaded the first development version of my app on app store Connect. In order to use TestFlight I first need to submit Export Compliance Information. I have read several relative docs but this remains very unclear for me and I am still really unsure as to what I should declare.

My app uses:

1.cordova core plugins:

  • cordova-plugin-splashscreen
  • cordova-plugin-network-information
  • cordova-plugin-inappbrowser
  • cordova-plugin-dialogs
  • cordova-plugin-device
  • cordova-plugin-file

2.npm plugins:

  • cordova-plugin-filepath
  • cordova-plugin-admobpro
  • cordova-plugin-nativeclicksound
  • cordova-plugin-market
  • cordova-plugin-browser
  • cordova-plugin-wkwebview-file-xhr

3.Links to (http) php pages in my website which redirect to google forms that are https.

The yes/no questions apple asks me to answer are:

  1. Does your app use encryption? Select Yes even if your app only uses the standard encryption within Apple’s operating system. If I reply ‘yes’, then

  2. Does your app qualify for any of the exemptions provided in Category 5, Part 2 of the U.S. Export Administration Regulations?


  1. Should I assume that at least one of the plugins is making https calls (with admobpro being the most probable i suppose)? Even if not, is the redirect to https enough to consider a use of encryption?
  2. If I state that my app uses encryption, then does it qualify for an exemption?
  3. If I state that it qualifies for an exemption then what do I fill-in in the Annual Self-Classification for the U.S. Bureau of Industry and Security (B.I.S) ? None of the entries in the link makes any sense to me for my case…
  4. I read somewhere that these questions may be bypassed by setting the ITSAppUsesNonExemptEncryption variable “false” in Info.plist. Is this preferable and how do I set that? (I looked for this in VoltBuilder Docs but didn’t find it)

I’m not a lawyer nor an expert in Apple’s compliance rules, so I won’t try to answer that part of your question.

This thread on Stackoverflow has a number of suggestions for setting ITSAppUsesNonExemptEncryption.

The easiest solution is probably to add this to your config.xml:

<plugin name="cordova-ios-plugin-no-export-compliance"  />