Does an iOS app that uses StoreKit "use encryption", as in Apple's Export Compliance Information question?

Question

I've written a synthesiser app that uses the StoreKit API to interface with the App Store for the purposes of facilitating an in-app purchase.

When I uploaded the binary to App Store Connect, I was asked:

Does your app use encryption? Select Yes even if your app only uses the standard encryption within Apple’s operating system.

I assume that I should answer yes because I presume that the StoreKit API uses encryption when it connects to the App Store.

When I answer yes, I'm asked:

Does your app qualify for any of the exemptions provided in Category 5, Part 2 of the U.S. Export Administration Regulations?

Make sure that your app meets the criteria of the exemption listed below. You are responsible for the proper classification of your product. Incorrectly classifying your app may lead to you being in violation of U.S. export laws and could make you subject to penalties, including your app being removed from the App Store.

You can select Yes for this question if the encryption of your app is: (a) Specially designed for medical end-use (b) Limited to intellectual property and copyright protection (c) Limited to authentication, digital signature, or the decryption of data or files (d) Specially designed and limited for banking use or “money transactions”; or (e) Limited to “fixed” data compression or coding techniques

You can also select Yes if your app meets the descriptions provided in Note 4 for Category 5, Part 2 of the U.S. Export Administration Regulations.

I don't know how I should respond to this question. Can anyone who knows something about this process offer some advice?

Answer 1

You are correct that StoreKit uses encryption.

Your app qualifies for exemption (c). You just need to submit a Self-Classification Report the following January to fully qualify to use this exemption.