How to fix the "Apple could not verify [app]" warning
Apple’s restrictive ecosystem and built-in security do a lot to shield you from cyber threats. But no system is foolproof, especially if you sidestep its safeguards. Before downloading an unvetted app, it’s essential to understand the associated risks. Then, enlist the help of Norton 360 Deluxe to scan for hidden malware and threats.
![A man wearing an orange sweater reads an “Apple could not verify [app] is free of malware” warning on his MacBook.](/content/dam/blogs/images/norton/am/apple-could-not-verify-app-hero.jpg)
When your Apple device shows a message like “Could not verify [app] is free of malware” or “[App] can’t be opened because it is from an unidentified developer,” it doesn’t necessarily mean the app is harmful. But it does mean Apple doesn’t recognize or trust the app’s source.
Keep reading to learn when it might be safe to bypass these warnings, what precautions to take before doing so, and how to respond if something seems a little off after installation.
Or, skip ahead for step-by-step instructions on safely resolving the “could not verify” error.
Why can’t some apps be opened or verified on Mac?
Some apps can’t be opened or verified on Mac because they aren’t from identified developers or haven’t been notarized by Apple. macOS blocks these apps to protect you from potential malware or security risks. This is part of Apple’s Gatekeeper system, which ensures third-party apps meet certain safety and trust standards.
Why am I getting the "Apple could not verify this app is free of malware" warning?
The “Apple could not verify this app” message appears when an app is downloaded outside the App Store and either lacks a verified digital signature confirming the app’s source and integrity, or hasn’t passed Apple’s automated malware checks. This warning is most common with third-party apps, modified software, or tools distributed directly by developers rather than through official Apple channels.
5 risks of downloading unverified apps
Downloading unverified apps on your Mac can expose you to a range of security and performance risks. Here's how these threats can unfold:
- Malware installation: Unvetted apps without verified digital signatures may carry trojans, spyware, ransomware, or other types of malware.
- Data theft: Once installed, malware can access, alter, exfiltrate, or delete personal files — or encrypt them and demand payment for their recovery.
- Account hijacking: Keyloggers and other spyware tools can capture login credentials for email, cloud services, or social media. Attackers may lock you out by changing passwords or use your accounts to commit cybercrime.
- Financial fraud: If attackers manage to steal your online banking credentials, credit card numbers, or sensitive personal information like your Social Security number, they can potentially drain your accounts or fraudulently open new lines of credit in your name.
- Performance deterioration: Malware consumes CPU and memory resources, which can slow down your Mac noticeably and cause apps to freeze or crash. Over time, it can degrade system stability and responsiveness.
When is it safe to bypass the “macOS cannot verify that this app is free from malware” warning?
Downloading unverified apps from outside the App Store always carries a level of risk. But if the app comes from a trusted developer or an open-source project with a strong reputation, it may be reasonable to proceed with caution.
Use this table to help assess the risks associated with a particular app before bypassing Apple’s security warning:
Proceed with (low-risk apps) |
Don’t bypass (high-risk apps) |
---|---|
Downloads from open-source or well-known indie developers |
Downloads from torrents, forums, or unofficial sources |
Hosting on secure (HTTPS) or an official site |
Apps that show ads or pop-ups during install |
Active updates on GitHub or have strong community presence |
Promises of free access to paid apps |
Reviews from trusted tech or security sources |
Requests to disable Gatekeeper or firewall |
Clear support channel or documentation |
Apps with no reviews, developer info, or track record |
Scare tactics or urgent warnings |
|
Poor grammar, typos, or unprofessional design |
What to do before bypassing Apple’s security measures
If you’ve searched for safer, verified alternatives, carefully weighed the risks, and still decide to install an unverified app, first make sure you’ve taken precautions to protect your device and data.
Here’s what to do before bypassing the Gatekeeper warning:
- Check for a verified version: Before downloading software from the web, see if a version is available in the Mac App Store. Developers sometimes offer both, and choosing the App Store version reduces the risk of downloading a tampered or malware-infected file.
- Read reviews: Search for user feedback on forums like Reddit, GitHub, or trusted Discord communities to assess the app’s legitimacy and functionality before downloading it.
- Install macOS updates: An updated macOS helps patch vulnerabilities that attackers may exploit. Make sure your system is running the latest version before installing any new software.
- Back up your data: Create a backup of your important files before proceeding. Consider using a cloud storage service to keep your files safe and accessible even if malware locks, corrupts, or wipes your local device.
- Install anti-malware: Use trusted security software like Norton 360 Deluxe to help protect your Mac in real time by scanning downloads for hidden threats, and blocking malicious behavior before it causes harm.
- Read app permissions: Carefully read the permissions the app asks for. If it asks for more access than is needed for its function, an attacker could be trying to spy on you, steal your data, or remotely control your device.
- Verify the app’s source: For any app you download directly, confirm its integrity using the checksum — a unique code (like an MD5 or SHA-256 hash) generated from a file’s contents that acts like a digital fingerprint, ensuring it hasn’t been tampered with.


How to bypass “Apple could not verify this app is free of malware” safely
If you’re sure you want to proceed, there are various ways to bypass or temporarily disable Apple’s Gatekeeper warning to run or install an unverified app.
Allow an override
Risk level: Moderate
Allowing an override lets you open a third-party app by manually adding it to your MAC allowlist or whitelist, without permanently altering your security settings. Here’s how:
- Right-click the app in Finder and select Open from the drop-down menu.
- The “downloaded from the Internet” or “could not verify [app] is free of malware” warning will pop up.
- Click Open again to override the warning.


Opt to “Open Anyway”
Risk level: Moderate
You can also override Gatekeeper for a specific app through your system settings. To complete this process:
- Go to System Settings > Privacy & Security.
- Scroll to Security and look for the blocked app.
- Click Open Anyway next to the warning.


Disable Gatekeeper
Risk level: High
We don’t recommend completely disabling Gatekeeper as this removes Apple’s app verification safeguards, allowing any app — verified or not — to run without security checks. If you choose to run the risk, always re-enable Gatekeeper immediately after installation to restore protection.
- Open Terminal.
- Type sudo spctl --master-disable and press Return.
- Enter your admin password when prompted.
- Open or install the unverified app.
- Re-enable macOS Gatekeeper by entering sudo spctl --master-enable into Terminal, pressing Return, and entering your password.


How to scan for malware after a suspicious app download
After installing an unverified app, scan for threats right away using a malware scanner that checks files in real time and leverages machine learning to detect even ultra-stealthy emerging threats.
1. Download Norton 360 Deluxe.
2. Open the app and click Security in the left-hand panel.
3. In the new window, select Scans.
4. Click Full Scan to start a comprehensive check of your entire system.
5. Follow the on-screen prompts to quarantine or remove any detected threats.


Detect hidden malware
Macs have strong in-built protection against malicious programs, but it’s smart to layer your defenses — especially if you bypass Apple’s “walled garden” safeguards. Norton 360 Deluxe offers a powerful suite of always-on malware detection, prevention, and removal tools that help protect you even if you unknowingly download a malicious file or visit a compromised site.
Apple Pay is a registered trademark of Apple Inc.
Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc.
Want more?
Follow us for all the latest news, tips, and updates.