Core NFC App Review checklist
NFC features depend on physical objects. Review readiness requires a route that proves what the app scans, why, and what happens when the tag is unavailable.
Use Core NFC for a visible real-world task, such as reading tags that contain NDEF data or supported tag information. Apple Core NFC documentation says apps can read NFC tags and NDEF messages. AppReviewReady interpretation: provide a no-tag fallback or sample route so App Review can understand the feature remotely.
Tie NFC to a real-world object
Name the object and outcome: scan a product, verify equipment, open a ticket, read a museum tag, pair a device, log inventory, or start a field workflow. NFC should not be a mysterious permission-like feature.
If the scan is optional, the app should still be useful without a tag. If the scan is core, reviewers need a way to see the intended state without owning your physical environment.
Document supported tag types
- Tag technology and data format should match the app's claims.
- Invalid, blank, expired, and unsupported tags should show clear errors.
- Repeated scans should not duplicate irreversible actions.
- Sensitive payloads should be validated before the app trusts them.
- Tag writing, if supported, should explain what data is written and how it can be changed.
Treat scanned payloads as user data when appropriate
An NFC payload can reveal a product, location, ticket, identity, device, workplace asset, or health accessory. The privacy label and policy should describe what is collected, stored, linked, and shared after scanning.
AppReviewReady interpretation: do not describe NFC as local-only when scans are uploaded to a server for validation, analytics, fraud checks, or account history.
Test scan sessions and no-tag states
- Start a scan from visible user intent and cancel it before detection.
- Scan valid, invalid, unsupported, duplicate, and expired tags.
- Test no NFC hardware support, no network, signed-out, and denied account states.
- Verify scan results do not bypass login, payment, eligibility, or age gates.
- Check support screens for users whose physical tag is damaged or missing.
Prepare an NFC review route
If physical tags are unavailable to Apple, include a demo state, screenshots, or manual code that reaches the post-scan screen without pretending the scan occurred.
Keep NFC copy narrow when the tag controls access, payment, identity, or safety-sensitive equipment. The app should not imply that any scanned tag is trusted until the payload and account state are validated.
If scans trigger irreversible actions, require a confirmation after reading the tag. The user should see what will happen before the app changes access, inventory, or account state.
Retest after changing tag encoding or backend validation rules.
Core NFC review path: Object scanned: [product/tag] Tag type/data: [NDEF or type] How to trigger scan: [steps] No-tag fallback: [demo/manual code] Server upload: [yes/no] Invalid tag behavior: [message] Physical sample needed: [yes/no]
Primary references checked for this guide
Policy statements above are grounded in the linked Apple documentation. Operational recommendations are AppReviewReady's interpretation and should be tested against your app and the current guideline text.
Check NFC readiness
Review tag purpose, scan states, privacy, and no-tag fallback before submission.
Open the tool