As part of ongoing efforts to improve security and privacy on Apple platforms, the App Store Intermediate Receipt Signing Certificate is being updated to use the SHA-256 cryptographic algorithm. This certificate is used to sign App Store receipts, which are proof of purchase for apps and in-app purchases.
This update is being completed in several phases and some existing apps on the App Store may be affected by the upcoming update, depending on how they check receipts.
From January 24, 2025If your app performs receipt validation on the device and does not support the SHA-256 algorithm, your app will not be able to validate the receipt. If your app prevents customers from accessing the app or premium content when receipt validation fails, your customers may lose access to your content.
If your app performs receipt validation on the device, update it to support certificates that use the SHA-256 algorithm; Alternatively, use the AppTransaction and Transaction APIs to verify App Store transactions.
For more details, see TN3138: Handling App Store Receipt Signing Certificate Changes.
