
Glossary

Notarization

Apple's automated malware scan plus a signed "ticket" for Developer ID binaries distributed outside the App Store. Without it, Gatekeeper will not let a downloaded binary run on user Macs.

Notarization is the Apple service that scans Developer ID-signed binaries for malware and, if they pass, issues an Apple-signed "ticket" vouching for them. It has been required since macOS 10.15 (Catalina) for software distributed outside the App Store to run without Gatekeeper friction.

How it works:

  1. The developer submits a signed binary (an app bundle, disk image, or installer package, zipped where needed) to Apple's notary service with xcrun notarytool (the older altool is no longer accepted).
  2. Apple runs an automated malware scan plus policy checks: every Mach-O inside must carry a valid Developer ID signature with a secure timestamp and the hardened runtime enabled.
  3. If clean, Apple returns a notarization ticket, a small blob signed by Apple that lists the CodeDirectory hashes (cdhashes) of the code that passed.
  4. Optionally, the developer staples the ticket to the distribution with xcrun stapler staple. Stapling is not required, but without it Gatekeeper must reach Apple to find the ticket, so an offline Mac cannot verify the binary.

When a downloaded (quarantined) binary is first run on a user's Mac, Gatekeeper:

  • Verifies the code signature and its chain up to Apple's root.
  • Looks for a notarization ticket, either stapled to the binary, or fetched on demand from Apple's servers using the CodeDirectory hash as the lookup key.

Without a valid ticket, Gatekeeper blocks the binary and the user sees an "Apple could not verify..." dialog. The user can still override the block in System Settings > Privacy & Security, and Apple can revoke a ticket after the fact, so "notarized once" does not mean "runs forever".
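The submit, staple and verify steps above, as an added release-time check that is not part of this page or of Apple's tooling. It assumes Xcode command line tools are installed and a notarytool keychain profile named "notary" has already been created with xcrun notarytool store-credentials; the app path, profile name, and the team ID in the constructed sample output are hypothetical. The gatekeeper_verdict function classifies the output of spctl, which is what Gatekeeper itself reports, so it can be exercised on the constructed sample without a Mac; the full pipeline runs only when invoked as "check <App.app>".

```shell
#!/bin/sh
# Added example: verify a Developer ID build is notarized and stapled before release.
# Assumptions (hypothetical): keychain profile "notary" exists, $2 is an .app path.
set -eu

# Classify `spctl -a -vv -t exec` output into one verdict string. spctl prints
# "<path>: accepted" or "<path>: rejected", then a "source=" line that states
# whether a notarization ticket was found for the binary's cdhash.
gatekeeper_verdict() {
    out="$1"
    case "$out" in
        *": accepted"*)
            case "$out" in
                *"source=Notarized Developer ID"*) echo "notarized" ;;
                *"source=Developer ID"*)           echo "signed-unnotarized" ;;
                *)                                 echo "accepted-other" ;;
            esac ;;
        *": rejected"*)
            case "$out" in
                *"source=Unnotarized Developer ID"*) echo "rejected-unnotarized" ;;
                *)                                    echo "rejected" ;;
            esac ;;
        *) echo "unknown" ;;
    esac
}

# Full pipeline: zip, submit, staple, validate the staple, then ask Gatekeeper.
# Returns non-zero at the first step that fails. macOS only.
notarize_and_check() {
    app="$1"
    zip="${app%.app}.zip"
    # ditto keeps the bundle's extended attributes, which zip(1) may drop.
    ditto -c -k --keepParent "$app" "$zip"
    # --wait blocks until Apple returns a verdict; grep the status rather than
    # trusting the exit code, and point at the log for a rejected submission.
    result=$(xcrun notarytool submit "$zip" --keychain-profile notary --wait 2>&1)
    echo "$result"
    case "$result" in
        *"status: Accepted"*) ;;
        *) echo "notarization failed; see: xcrun notarytool log <id> --keychain-profile notary" >&2
           return 1 ;;
    esac
    # Staple the ticket so offline Macs need no lookup, then confirm it stuck.
    xcrun stapler staple "$app"
    xcrun stapler validate "$app"
    # -t exec assesses the bundle as if the user were launching it.
    verdict=$(gatekeeper_verdict "$(spctl -a -vv -t exec "$app" 2>&1)")
    echo "gatekeeper: $verdict"
    [ "$verdict" = "notarized" ]
}

# Constructed sample of spctl output for a notarized app (team ID is made up).
SAMPLE_OK='/Applications/Example.app: accepted
source=Notarized Developer ID
origin=Developer ID Application: Example Corp (ABCDE12345)'

if [ "${1:-}" = "check" ] && [ -n "${2:-}" ]; then
    notarize_and_check "$2"
else
    gatekeeper_verdict "$SAMPLE_OK"
fi
```

Run as "sh notarize-check.sh check /path/to/Example.app" on a Mac with a signed build; with no arguments it only classifies the sample output. Checking spctl's verdict after stapling is the point: it tests the same path Gatekeeper will take on a user's machine, rather than trusting that the submit step succeeded.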

Notarization is not code review; it is automated scanning. What the ticket asserts is only that Apple scanned this binary and found no known malware at scan time. It says nothing about vulnerabilities, backdoors that the scanner does not recognise, or code the binary downloads later.

See also: code signing, AMFI, and the code signing chain article.