Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Salesforce.com to impose massive fee hike for app store security review

Chris Kanaracus | Aug. 12, 2013
Free applications won't be affected by the change, Salesforce.com says.

Salesforce.com is raising the cost of an initial security review for paid applications in its AppExchange store from US$300 to $2,700, saying the hike will allow it to deliver the reviews much faster.

"At Salesforce.com, trust is our number one value," Salesforce.com senior vice president Ron Huddleston wrote in an official blog post this week. "The high standards that we set for ourselves, and that our customers absolutely expect, extend to our thriving partner ecosystem through the mandatory enterprise-grade security review for all AppExchange apps."

Beginning Sept. 1, the price hike will kick in for all new paid applications, Huddleston wrote. It will still cost $150 per year to list an application on the AppExchange and those offered free of charge won't be affected by the price change, he added. The fee for applications already in the review queue will remain at $300.

In addition, "all of the revenue from the price change will be reinvested back into the review process," Huddleston said.

Salesforce.com has seen an exponential rise in the number of applications submitted for review, according to Huddleston. "With these changes, we are able to dedicate more resources to the security review process, significantly reducing wait times for partners with apps in security review while also delivering the security and trust our customers expect."

The vendor also plans to give partners "more education around the importance of security and trust, actively promoting security and trust throughout the technical design process, and increased operational support to prevent unnecessary delays during security review," he added.

Apart from the security review fee, Salesforce.com also charges developers either 15 percent or 25 percent of net revenue derived from their applications, depending on the model they choose.

Huddleston's blog post quickly drew replies from posters identifying themselves as Salesforce.com developers.

"As a developer on the cusp of pushing an application to security review, this is a bit disappointing," one wrote. "I'm afraid the up front costs will drive a lot of imaginative people elsewhere. Maybe this is a knee jerk reaction but this is rough."

But some level of fee increase makes sense, as "it would serve as a healthy filter," another poster wrote. "It would seem sensible to have a modest increase of 2x or 3x for 100% native apps and perhaps the 9x increase for hybrid apps and those that connect to non-Salesforce systems."

However, the cost of a security review "should be commensurate with the level of effort," the poster added. "From what I can gather from logs, the security review of our most recent native app took about 3 hours."

Salesforce.com will devote "every dime" collected through the increased fees to security testing resources, Huddleston wrote in a reply. "It's not revenue generating. It's about a better service. Full stop."

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.