Fix Library · 1.6 Data Security

Insecure transport or hardcoded secrets (HTTP, ATS disabled, API keys in the binary)

Apple flagged your app for weak data security — usually plaintext HTTP traffic, App Transport Security turned off globally, or secrets/API keys shipped in the app binary.

Confidence: high utilityloginSaaSAI appno-code React NativeExpoSwiftUIFirebaseInfo.plist

Apple said something like

Guideline 1.6 - Safety - Data Security. Your app does not appear to use appropriate security measures to protect user data during transmission. We found network calls made over HTTP rather than HTTPS.
Your app disables App Transport Security with NSAllowsArbitraryLoads set to true without a documented reason. Please use HTTPS and scope any exceptions to specific domains.
We found sensitive credentials embedded in your app binary. Storing secrets in the app is a security risk as they can be extracted.
Your app transmits personal or sensitive information without encryption.

The full fix is locked

Unlock the exact steps, the reply you can paste into Resolution Center, and the AI prompt to fix it — for this rejection and every other one in the kit.

One-time payment · lifetime access. Already have a key? Unlock.