App certification requirements for the Windows Store
Document version: 5.0
Document date: January 23rd, 2014
In this document, we describe the criteria an app must meet to be eligible for listing in the Windows Store.
Thank you for your interest in developing apps for Windows. We’re committed to a relationship with you that supports your ambitions and encourages a diverse catalog of high-quality, engaging apps for Windows customers worldwide. We crafted these certification requirements with those goals in mind and they should help you make choices that enhance your app’s appeal and help speed its listing in the Windows Store.
We review every app before we list it in the Store. If our certification requirements change, we’ll identify the updates to ease your consideration. If you have feedback on the policies, please let us know by commenting in our forum. We will consider every comment.
Your apps are crucial to the experience of hundreds of millions of customers. We can’t wait to see what you create and are thrilled to help deliver your apps to the world.
1.1 Your app must offer customers unique, creative value or utility in all the languages and markets that it supports
The Windows Store offers only fully functional apps to provide customers with the best experience. Anything that might cause our testers to think that your app is not completely finished will cause your app to fail certification.
You can help us by testing your app thoroughly before you submit it, and by providing us the information we need to test your app thoroughly. For example, if your app requires login credentials, provide us with a demo account. If your app requires access to a server, tell us what we need to do to verify that it's working correctly.
See Requirement 6.13.1.
See Requirement 6.13.2.
If your app includes or displays ads, it must provide additional functionality beyond the ads.
Our content policies are described in Section 5. Windows Store apps are appropriate for a global audience.
See Revision history.
See Revision history.
See Revision history.
We describe these APIs in the Windows Store apps API reference. Your app may only depend on software listed in the Windows Store or that is identified as Windows 8 compatible in the Windows Compatibility Center.
Your app must not use registered protocols or file handlers to implement bi-directional data exchange with another app. Protocols and file handlers are customer controlled and are not guaranteed to be unique to any app. This means you cannot be certain of what app responds to a protocol or file handler invocation.
Windows Store apps must not communicate with local desktop applications or services via local mechanisms, including via files and registry keys.
Unless your app is a Storefront for software, your app must not encourage users to install desktop software that is not required to complete the primary value of the app.
3.2 Your app must not stop responding, end unexpectedly, or exhibit errors that significantly and adversely impact the customer experience
See Requirement 6.13.3.
3.4 Updates must not decrease your app’s functionality in a way that would be unexpected to a reasonable customer
See Requirement 6.13.4.
See Revision history.
See Revision history.
Your app must not attempt to change or extend the packaged content through any form of dynamic inclusion of code or data that changes how the application interacts with the Windows Runtime, or behaves with regard to Store policy. It is not permissible, for example, to download a remote script and subsequently execute that script in the local context of your app package.
See Requirement 3.12.2.
See Requirement 3.12.3.
This requirement applies if you depend on specific 3D graphics hardware features.
If your app includes an ARM or a Neutral package it must support Direct3D feature level 9_1. If your app does not support ARM it must support the minimum feature level chosen on the Store portal.
Because customers can change the graphics hardware in their computers after the app is installed, if you choose a minimum feature level higher than 9_1, your app must detect at launch whether or not the current hardware meets the minimum requirements. If not, the app must display a message to the customer detailing the Direct3D requirements.
In addition to supporting the chosen minimum Direct3D feature level, your app may use higher feature levels when available.
3.12.3 If your app contains Windows Runtime components, they must conform to the Windows Runtime type system
In particular, all Windows Runtime types:
- Must be located in the package file with the longest namespace-matching name.
- Must be the only types with public visibility in a Windows Metadata (.winmd) file.
- Must have a unique, case insensitive name.
- Must not be located in the Windows or global namespace.
- Must have public visibility unless the type is an interface marked as exclusive to a specific runtime class.
- Must be sealed unless the type is a runtime class marked as composable.
- Must compose an unsealed system class, if the type is a composable runtime class.
- Must not include write-only properties.
- Must not implement interfaces that are marked as exclusive to another class.
- Must not be generic or parameterized.
- Must not define methods that overload operators.
- Must not change signature or parameter names between interface and runtime method declarations.
- Must not include default values for method parameters.
- Must not include property getters that take input parameters.
- Must not include property setters that take more than the single set value parameter.
- Must not define factory methods with additional out parameters beyond the return value.
- Must not use IReferenceArray<T> or IReference<string> as a parameter type.
- Must not use the signed byte fundamental type.
- Must define enums with an underlying type of Int32 or UInt32 only.
- Must apply the FlagsAttribute to UInt32 enums.
- Must not apply the FlagsAttribute to Int32 enums.
A privileged app is an app that the device manufacturer has authorized to perform device operations. See Device sync and update for Windows Store device apps in Windows 8.1 for more information.
In each of your app’s packages, the app manifest elements must contain the correct values as described in the Package metadata requirements.
Your app’s packages must comply with the Package format requirements.
See Requirement 3.12.4.
App capability declarations that make your app network-capable include: internetClient, internetClientServer and privateNetworkClientServer.
Your app can publish a customer’s personal information to a service or other person only after obtaining opt-in consent.
Opt-in consent means the customer gives their express permission for the requested activity, after you have:
a) Described to the customer how the information will be used or shared; and
b) Provided the customer a mechanism through which they can later rescind this permission and opt-out, while continuing to use the app.
If your app publishes a person’s personal information, but that person is not a customer, you must obtain express written consent to publish that personal information, and you must permit the person whose information is shared to withdraw that consent at any time. If your app allows a customer to access another person’s personal information, this requirement would also apply.
Personal information includes all information or data that could reasonably be used to identify a person. Examples of personal information include: contacts, photos, phone number, audio & video recordings, location, SMS or other text communication, images of the computer’s desktop or screen shots, unique identifiers based on the computer's hardware, and in some cases, combined browsing history.
If your app uses the advertising ID, it may not collect or use it if the user has turned off the feature. If the user has chosen to reset the advertising ID, your app may not use any prior advertising ID values, or associate them with the new value.
4.2 Your app must respect system settings for notifications and remain functional when they are disabled
This includes the presentation of ads and notifications to the customer, which must also be consistent with the customer’s preferences, whether the notifications are provided by the Windows Push Notification Service or any other service. If a customer disables the notification function, either on an app-specific or a system-wide basis, your app must remain functional.
Additionally, the app must not include, link to, distribute through the Windows Push Notification Service, or otherwise provide an entry point for viruses, malware, or any other malicious software, to access the customer’s Windows system. The app must not modify or delete customers’ data without their consent.
Your app must transmit any log-in credentials, security questions, or other information designed to authenticate a user via a secure and encrypted transmission.
The Windows system includes the computer running Windows, peripheral devices, any software running on that computer, and any computers or software communicating with that computer.
4.4 Your app must not be designed or marketed to perform, instruct, or encourage tasks that could cause physical harm to a customer or any other person, PC, or peripheral
We would consider an app that allows for control of a device without human manipulation, or that is marketed for use to resolve emergency or life-saving situations to violate this requirement.
4.6 Your app must comply with Windows Push Notification Service (WNS) requirements if it uses WNS notifications
If your app uses the Windows Push Notification Service (WNS) to transmit push notifications, it must do so as described in this requirement.
a) You may only use WNS for apps distributed through the Windows Store. Notifications provided through WNS are considered app content and are subject to all Windows Store app policies, including the certification requirements.
b) Your app must be associated with only one Package Security Identifier.
c) You may not obscure or try to disguise the source of any WNS message or Package Security Identifier, or other unique referral identifier.
d) You may not include in a notification any info a customer would reasonably consider to be confidential or sensitive.
e) Your app must not use excessive network capacity or WNS bandwidth, or otherwise unduly burden the Windows system with WNS notifications. For example, using WNS to stream content or transfer files violates this requirement.
4.7 If you use a commerce transaction provider other than the Store's, you must identify the provider at the time of the transaction or whenever you collect any payment information from the customer
If your app uses the Windows.ApplicationModel.Store namespace for in-app purchases, this messaging is provided for you. If your app uses any other method for in-app purchases or to collect payments, it must display a message to the customer stating that who is responsible for the transaction.
For example, in-app purchases made from apps produced by Contoso that don’t use the Windows Store for the transaction would display a message such as, “This item is available from Contoso” at the time of the transaction.
4.8 Your app must prompt the user for authentication to allow a commerce transaction to be accomplished
The app can offer the user the ability to save this authentication, but the user must have the ability to either require an authentication on every transaction or to turn off in-app transactions. If your app uses the Windows.ApplicationModel.Store namespace for in-app purchases, this prompt is provided for you.
4.9 If your app collects credit card info or uses a third-party payment processor that collects credit card info, the payment processing must meet the current PCI Data Security Standard (PCI DSS)
This section describes types of content that are not permitted in the apps made available in the Windows Store.
Content means the images, sounds, and text contained in the app, the tiles, notifications, error messages or ads exposed through your app, and anything that’s delivered from a server or that the app connects to. Because Windows and the apps in the Windows Store are used around the world, these requirements will be interpreted and applied in the context of regional and cultural norms.
5.1 Your app must conform to our content and age rating guidelines, and metadata must be appropriate for everyone
Your app and any ads within your app must conform to our content and age rating guidelines, and metadata must be appropriate.
5.1.1 Apps with a rating over PEGI 16, ESRB MATURE, or that contain content that would warrant such a rating, are not allowed, unless the app is a game, is rated by a third party ratings board, and otherwise complies with these certification requirements.
5.1.2 Metadata and other content you submit to accompany your app may contain only content that would merit a rating of PEGI 12, ESRB EVERYONE, or Windows Store 12+, or lower.
5.1.3 We understand that in some cases, apps provide a gateway to retail content, user generated content, or web based content. We classify those apps as either Storefront apps, whose primary function is to aggregate and sell third party media or apps, or Streaming apps, whose primary function is to aggregate and stream web-based images, music, video or other media content. In some cases, it may be acceptable for a Storefront or Streaming app to include some content that might otherwise be prohibited in a single purpose app. If your app is more likely than not to include some user generated content that would otherwise be prohibited under these requirements, you must include a mechanism for users to bring the presence of such content to your attention, and you must provide filtering tools such that users must opt in to receiving access to feeds or content that has a higher likelihood of violating these requirements.
5.1.4 Moved— See Requirement 6.2.
5.1.5 Moved— See Requirement 6.2.
5.2 Your app must not contain content that advocates discrimination, hatred, or violence based on membership in a particular racial, ethnic, national, linguistic, religious, or other social group, or based on a person’s gender, age, or sexual orientation
5.3 Your app must not contain content or functionality that encourages, facilitates or glamorizes illegal activity in the real world
5.4 Your app must not contain or display content that a reasonable person would consider to be obscene or pornographic
5.6 Your app must not contain content that facilitates or glamorizes excessive or irresponsible use of alcohol or tobacco products, drugs or weapons
5.7 Your app must not contain content that facilitates or glamorizes extreme or gratuitous violence, human rights violations, or the creation or illegal use of weapons against a person or animal in the real world
Your app’s name is what we use to list your app in the Windows Store. You must give your app a name that is unique throughout the Windows Store catalog. You can give your app a name in another language; but additional names must also be unique throughout the Store.
6.2 Your app must have a Windows age rating, and you must submit third-party ratings for your app if you have them
6.2.1 You must assign a Windows Store age rating that most accurately matches your app. The Age rating page contains more detailed descriptions of the content that is suitable for each Windows Store age rating.
6.2.2 If your app provides a user with uncontrolled: (i) access to online social networks, or (ii) sharing of personal information with third parties, including other gamers or online acquaintances, then you must assign it a Windows Store rating of at least 12+. For such activity to be considered "controlled", your app must include parental control features that require parental permission to use such sharing features, and you must identify those and explain their functionality in the Notes to testers.
6.2.3 If you submit a Storefront or Streaming app, you should rate your app in accordance with this section. You should also consider the target audience for your Storefront or Streaming app in your rating, based on the content that users of your app may be able to access.
6.2.4 If a rating under any particular rating system is required by law in any country, you must include the rating documentation for that rating system along with your app.
6.2.5 If your app is rated by an optional ratings board that is identified in Rating boards for Windows apps, you must also submit that ratings certificate for the app and provide the appropriate content descriptors.
6.2.6 If your app has multiple rating board ratings that each correspond to different Windows Store age ratings, you should assign the Windows Store age rating that corresponds to the older audience. Apps with a rating over ESRB MATURE are generally not allowed.
6.2.7 If your app is a search engine that enables users to search broadly across the Internet, then your app must be rated 12+. Apps that enable search for a distinct content set (such as news only or video only), are not search engines under this definition. The age rating for such apps should be determined by the purpose, function and content of the app.
6.2.8 If your app is a Web browser, enabling broad access to Internet content, then the app must be rated 12+.
We don’t provide customer or technical support for your app. You must provide that support and specify easily discoverable and accurate technical support info for your app in the Support contact info field of the Description.
If your app requires authentication, such as a user or account name and password, you must provide a retrieval mechanism for account info—for example, through a secondary email account or phone support—and respond to customers within 24 hours.
See Requirement 6.13.5.
See Requirement 6.13.8.
6.6 The capabilities you declare must relate to the core functions and value proposition of your Windows Store app, and the use of those declarations must be compliant with our app capability declarations
Learn more about our app capability declarations.
See Revision history.
See Requirement 3.12.5.
See Requirement 3.12.6.
See Requirement 6.13.5.
See Requirement 6.13.6.
6.13 The metadata and other materials you provide to describe your app must accurately and clearly reflect the source, function and features of your app
The screenshots, app name, developer name, tile, and app description you provide with your app should make it easy for a user to understand the functions, features, and any important limitations of your app. If your app only functions with certain hardware, in certain geographies, or has other important limitations, those should be clearly described. You should not represent your app to be from a company, government body, or other entity if you do not have permission to make that representation.
6.13.3 Your app must provide the same user experience on all processor types and target operating systems that it supports
If your app has a different user interface or functionality when it runs on different processor types or target operating systems, you must submit a separate app for each processor type and describe the differences in the Description of each app.
6.13.4 If your app doesn’t fully support touch input and fully support keyboard and mouse input, you must disclose that in the description elements of the app
6.13.5 If your app contains content or features restricted to certain regions, those restrictions must be clearly indicated in your app’s Description page
If your app is marked with the Accessibility checkbox, it must meet the baseline requirements of exposing information about the UI elements, implement keyboard accessibility, support high contrast, and meet requirements for accessible text.
Your app can only support Windows Store allowable languages, and at least one of those languages must be a certification language. The experience provided by an app must be reasonably similar in all languages that it supports.
You must provide a complete description of your app for your customers in each language that you declare in your app's package. The other elements of your app's description, such as screenshots, text and promotional images, must be localized. If your app is localized such that some features are not available in a localized version, you must clearly state or display the limits of localization in the app description.
In addition to these requirements, you must certify desktop apps under the Windows Desktop App Certification program.
7.1 The purchase page link provided for your app must send users to a location where they can directly download the app, and must not lead users to another intermediary site or a site that spoofs the purchase page
Users must be able to acquire your app quickly and easily after they are directed to your purchase page from the Windows Store.
You are allowed to provide two purchase page links for your app. You must use these links to provide users access to 64-bit and 32-bit versions of your app.
7.2 The information you provide to the Store about your app must match the information used on the purchase page for that app. That includes your app or company logo, the app name, price and major and minor version numbers
Thank you for taking the time to review these requirements. We are committed to providing a high quality catalog of apps in the Windows Store, and reserve the right to remove from the catalog any app that fails to meet these requirements.
Again, thank you for joining us in this commitment to delivering fantastic experiences.
|Date||Version||Summary of changes||Link to document|
|January 23rd, 2014||5.0||
1.2 REVISED— clarified requirement.
1.3 MERGED— now detailed in requirement 6.13.
1.4 MERGED— now detailed in requirement 6.13.
2.3 DELETED— removed requirement that an app not use its description, tiles, notifications, app bar, or the swipe-from-edge interactions to display ads.
2.4 DELETED— removed requirement that the primary experiences your app provides must take place within the app.
3.3 MERGED— now detailed in requirement 6.13.
3.5 MERGED— now detailed in requirement 6.13.
3.6 DELETED— removed requirement that an app must use the mechanisms provided by the system for those features that have them.
3.8 DELETED— removed requirement for the basic performance criteria on a low-power computer.
3.10 MERGED— now detailed in requirement 3.12.
3.11 MERGED— now detailed in requirement 3.12.
3.12 REVISED— expanded and clarified requirement.
3.13 MERGED— now detailed in requirement 3.12.
4.5 DELETED— removed requirement for large data transfers over metered networks.
5.1 REVISED— clarified requirement.
5.1.4 MERGED— now detailed in requirement 6.2.
5.1.5 MERGED— now detailed in requirement 6.2.
6.4 MERGED— now detailed in requirement 6.13.
6.5 MERGED— now detailed in requirement 6.13.
6.8 MERGED— now detailed in requirements 5.1 and 6.13.
6.9 MERGED— now detailed in requirements 3.12.
6.10 MERGED— now detailed in requirements 3.12.
6.11 MERGED— now detailed in requirements 6.13.
6.11 MERGED— now detailed in requirements 6.13.
6.12 REVISED— expanded and clarified requirement.
|October 17th, 2013||4.7||
2.5 DELETED—removed requirement that ads must not execute program code that didn't come from the ad provider.
3.1 REVISED—added information regarding use of protocols.
3.2 REVISED—clarified requirement.
3.3 REVISED—requirement for app to provide the same user experience across all target operating systems.
3.5 REVISED—requirement for visual feedback on touch elements removed.
3.6 REVISED—replaced "snapped state" requirement with "functional when the app's window is resized".
3.12 ADDED—added requirement that the app must pass the Windows App Certification Kit.
3.13 ADDED—Requirement that an app utilizing 3rd party device drivers must be a privileged app for that device.
4.1.3 ADDED—added policy to respect the user's choice when it comes to "advertising ID".
4.3 REVISED—added peripheral devices to the definition of what constitutes a "Windows system".
4.4 REVISED—updated requirement that an app must not instruct/encourage user to cause physical harm to include the PC or its peripherals.
5 REVISED—requirement segmented into sub-items.
5.1.3 ADDED—requirement to provide adult content filter settings in Storefront/Streaming apps.
6 REVISED—requirement segmented into sub-items.
6.2.6 REVISED—clarified requirement.
6.7 DELETED—removed the requirement to describe app changes when submitting an update.
6.8 REVISED—requirement about screenshots that have been "graphically enhanced" moved to certification requirement 6.13.
6.13 ADDED—new requirement around truth-in-advertising within app metadata.
7.1 REVISED—clarified policy language.
|V4.7 Certification requirements|
|March 20, 2013||4.6||
3.1 REVISED—clarified policy language.
4.3 REVISED—clarified policy language.
6.8 REVISED—clarified policy language.
6.12 ADDED—included information requiring apps to conform to accessibility guidelines if the app is identified as supporting accessibility.
|V4.6 Certification requirements|
|December 11, 2012||4.5||
4.1.1 REVISED—modified language to refer to transmitting data, instead of just personal information.
5.1 REVISED—added information on what types of apps can have an age rating over PEGI 16 or ESRB Mature. Included additional information on age ratings for apps that are search engines.
5.3 REVISED—clarified policy language.
5.4 REVISED—clarified policy language.
5.6 REVISED—clarified policy language.
5.7 REVISED—clarified policy language.
6.2 REVISED—added ratings for 18+ content.
|V4.5 Certification requirements|
|October 19, 2012||4.0||
2.3 REVISED—added information on app description.
3.1 REVISED—added information about Windows Store apps communicating with desktop applications.
4.1.1 REVISED—added information on apps that connect to the Internet.
4.1.2 REVISED—clarified that users must be able to rescind permission and still be able to use the app.
4.7 REVISED—clarified information on using commerce transaction providers other than the Windows Store.
4.8 REVISED—added information on prompting the user when an in-app purchase occurs.
6.5 REVISED—clarified information on providing localization information in the app description.
6.8 REVISED—added information on providing localized screenshots.
7.2 REVISED—added information about your app or company logo.
|V4.0 Certification requirements|
|July 9, 2012||3.0||
Synchronized version numbers between App Developer Agreement and Certification Requirements.
1.1 REVISED—added text to help clarify the policy.
2.3 REVISED—added text to help clarify the policy.
3.1 REVISED—added text to help clarify the policy.
3.9 ADDED—included information on app logic.
3.10 ADDED—included information on apps that depend on 3D graphic hardware features.
3.11 ADDED—included information requiring apps to conform to Windows Runtime type system.
4.1 REVISED—expanded information related to privacy policies. Includes two new subsections: 4.1.1 and 4.1.2.
4.3 REVISED—clarified that apps cannot modify or delete customer data without consent.
5.1 REVISED—added text for apps that act as storefronts or that stream content.
6.2 REVISED—added text for apps that act as storefronts or that stream content, specified that apps that collect or transmit personal information must use a rating of 12+.
6.4 REVISED—added that apps must list any restrictions in the Description page for the app.
6.5 REVISED—added text on app localization.
|V3.0 Certification requirements|
|May 31, 2012||1.2||
1.2 REVISED—added examples.
2.4 REVISED—clarified statement about apps that mimic websites.
3.1 REVISED—added information on communication with desktop apps.
3.3 REVISED—clarified requirement.
3.5 REVISED—clarified requirement for apps to support touch and keyboard/mouse equally.
3.6 REVISED—added information on the use of nav and app bars.
4.1 REVISED—clarified requirement.
4.3 REVISED—clarified how this requirement applies to Windows systems.
4.7 REVISED—clarified requirement.
4.8 ADDED—included information on in-app purchases that don't use the Windows Store.
4.9 REVISED—previously was 4.8.
5.1 REVISED—updated to include app metadata.
6.2 REVISED—updated to make app ratings easier to read.
6.5 REVISED—included more details for localization for supported languages.
6.6 REVISED—included more info on app capabilities.
6.7 REVISED—clarified requirement for describing changes to your app.
6.8 REVISED—clarified that you must provide localized screenshots.
7 ADDED—requirements for desktop apps.
|February 8, 2012||1.1||
2.3: REVISED - made more specific.
2.4: REVISED - clarified and made more specific.
3.5: REVISED - added external reference to Windows 8 Touch Language and clarified.
3.6: REVISED - added more specific examples.
3.7: DELETED - merged with 3.5.
3.8: ADDED – describe performance testing already being performed by the Windows App Certification Kit.
4.6: REVISED – removed some of the WNS usage limitations.
4.7: ADDED – display identity of party responsible for in-app purchase transactions.
4.8: ADDED – payment processing security standard.
Throughout: minor typographical and terminology corrections that don’t change the meaning or intent of the document.
|Dec. 6, 2011||1.0||Initial draft of document for Store Preview.|