Microsoft App Store
Fanny Lococo
All aspects of your product, including metadata, should accurately describe the functions, features, user experience and any important limitations of your product, including required or supported input devices.
Your product must not jeopardize or compromise user security, or the security or functionality of the device, system or related systems. You are solely responsible for all product safety testing, certificate acquisition (unless provided by Microsoft Store signing), and the implementation of any appropriate feature safeguards. You will not disable any platform safety or comfort features, and you must include all legally required and industry-standard warnings, notices, and disclaimers in your product.
Products that browse the web that are made available on the Xbox Console must not offer any functionality that would allow a user of the app to download or copy files, aside from those necessary for functionality of the app.
Your product must not attempt to fundamentally change or extend its described functionality or introduce features or functionality that are in violation of Store Policies through any form of dynamic inclusion of code. Your product should not, for example, download a remote script and subsequently execute that script in a manner that is not consistent with the described functionality
Your product must not contain or enable malware as defined by the Microsoft criteria for Unwanted and Malicious Software. Further, your product must not offer to install secondary software that is not developed by you and does not enhance the functionality of your product.
If your product has a dependency on non-Microsoft provided driver(s) or NT service(s), you must disclose that dependency to Microsoft in the certification notes in Microsoft Partner Center. Dependency on non-Microsoft provided driver(s) or NT service(s) is not allowed.
All game products, (exclusive of games made available through a subscription in PC gaming subscription products) and any products offered on Xbox consoles must be submitted using supported package types for ingestion and distribution by the Microsoft Store. For any products submitted in this manner, such products and in-product offerings must be installed and updated only through the Microsoft Store. (Note: This policy does not apply to products that are subject to the requirements in 10.2.9.)
Apps that enable the mining of crypto-currency on device are not allowed. Apps that enable remote management of the mining of cryptocurrency are allowed, as well as cryptocurrency wallets and trading platforms.
The binary and all of its Portable Executable (PE) files must be digitally signed with a code signing certificate that chains up to a certificate issued by a Certificate Authority (CA) that is part of the Microsoft Trusted Root Program.
Whenever you have an updated binary to distribute, you must provide an updated versioned download URL in Partner Center associated with the updated binary. You are responsible for maintaining and updating the download URL.
Products must support the devices and platforms on which they are downloaded, including compatibility with the software, hardware and screen resolution requirements specified by the product. If a product is downloaded on a device with which it is not compatible, it must detect that at launch and display a message to the customer detailing the requirements.
Products must start up promptly, continue to run and remain responsive to user input. Products must shut down gracefully and not close unexpectedly. The product must handle exceptions raised by any of the managed or native system APIs and remain responsive to user input after the exception is handled.
In instances where the developer has planned to discontinue a product and remove it from the Store (sunsetting) it is the developer's responsibility to notify the consumer in a timely manner and in accordance with any applicable laws. That notice must be reflected on the product description page to notify potential future customers, and it may also include messages inside the product. If product functionality is diminished during this process, the product may remain in the Store for a short period of time for the purpose of notifying customers.
The following requirements apply to products that access Personal Information. Personal Information includes all information or data that identifies or could be used to identify a person, or that is associated with such information or data.
If your product accesses, collects or transmits Personal Information, or if otherwise required by law, you must maintain a privacy policy. You must provide users with access to your privacy policy by entering the privacy policy URL in Partner Center when you submit your product. In addition, you may also include or link to your privacy policy in the product. The privacy policy can be hosted within or directly linked from the product. Your privacy policy must inform users of the Personal Information accessed, collected or transmitted by your product, how that information is used, stored and secured, and indicate the types of parties to whom it is disclosed. It must describe the controls that users have over the use and sharing of their information and how they may access their information, and it must comply with applicable laws and regulations. Your privacy policy must be kept up-to-date as you add new features and functionality to your product.
You may publish the Personal Information of customers of your product to an outside service or third party through your product or its metadata only after obtaining opt-in consent from those customers. Opt-in consent means the customer gives their express permission in the product user interface for the requested activity, after you have:
Products that receive device location must provide settings that allow the user to enable and disable the product's access to and use of location from the Location Service API. You must respect such settings, and if you choose to collect device location data in another way, such data is Personal Information and collection is subject to the other requirements of section 10.5. You must gain legally sufficient consent for your data practices, and such practices must generally comply with applicable laws and regulations.
The capabilities you declare must legitimately relate to the functions of your product, and the use of those declarations must comply with our product capability declarations. You must not circumvent operating system checks for capability usage.
The following products are required to use the Microsoft Store in-product purchase APIs for the purchase of digital goods and services. Purchase of digital goods and services includes voluntary donations that result in the user receiving digital goods or services in return for the donation, including but not limited to additional features or removal of advertising.
If your product is required to use the Microsoft in-product purchase API It must not direct users to a purchase mechanism other than the Microsoft Store in-product purchase API, but may enable users to consume previously purchased digital content or services.
Non-game in-app products made available on PC devices may either use a secure third-party purchase API or the Microsoft Store in-product purchase API for in-app purchases of digital items or services that are consumed or used within the product.
Digital in-product offerings sold in your product using the Microsoft in-product purchase API cannot be converted to, or exchanged for, any legally valid currency (for example, USD, Euro, etc.) or any physical goods or services or other currency of real-world value.
You must use the Microsoft payment request API or a secure third-party purchase API for purchases of physical goods or services, and a secure third-party purchase API for payments made in connection with real-world gambling or charitable contributions. If your product is used to facilitate or collect charitable contributions or to conduct a promotional sweepstakes or contest, you must do so in compliance with applicable law. You must also state clearly that Microsoft is not the fundraiser or sponsor of the promotion.
You must use the Microsoft payment request API or a secure third-party purchase API to receive voluntary donations from users. However, if the user receives digital goods or services in return, including but not limited to additional features or removal of advertising, you must use the Microsoft Store in-product purchase API instead.
Your product can offer the user the ability to permanently remain authenticated, but the user must have the ability to either require an authentication on every transaction or to turn off in-product transactions.
If your product collects credit card information or uses a third-party payment processor that collects credit card information, the payment processing must meet the current PCI Data Security Standard (PCI DSS).
Financial information includes, but is not limited to, entering bank or credit card account information, account pins or passwords, tax ID information, private or secret keys, or initiating transactions.
Your product and its associated metadata must provide information about the types of in-product purchases offered and the range of prices. You may not mislead customers and must be clear about the nature of your in-product promotions and offerings including the scope and terms of any trial experiences. If your product restricts access to user-created content during or after a trial, you must notify users in advance. In addition, your product must make it clear to users that they are initiating a purchase option in the product.
Non-game products made available on PC devices may either use a secure third-party or the Microsoft recurring billing API to bill for subscriptions of digital goods or services, and the following guidelines apply:
Notifications sent from your product must relate to the product or to other products you publish in the Store catalog, may link only to the product or the Store catalog listing of your other products, and may not include promotional messages of any kind that are not related to your products.
59fb9ae87f