AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.
Downloading applications from the Internet can be a hazardous task, with the high potential for software to become a problem. Acquiring a download could, in a worst-case scenario, lead to the installation of malware that could wipe data or hold it at ransom.
Downloading apps from the Mac App Store is also a solid plan for ensuring the Mac runs only safe software. This isn’t always possible, though. Sometimes, an app isn’t available from the Mac App Store, so you have to look elsewhere.
Savvy Internet users will have their ways of knowing whether a download is safe or not, such as by ensuring it’s downloaded from an official source like the developer’s website. Again, nothing is foolproof, so as an extra safety net, macOS includes systems to protect users, but even this can interfere with what you want to do.
I am the Gatekeeper
Gatekeeper is the system Apple uses in macOS that tries to protect the Mac from malware by limiting what can run. Rather than allowing anything to run, Gatekeeper acts as a digital bouncer, verifying the app before executing it.
In essence, Gatekeeper verifies a downloaded app before running it for the first time. As part of this, it ensures the app has either been sourced from the Mac App Store or, if acquired from the wider Internet, that it has been signed by a valid Developer ID and notarized by Apple.
The Developer ID certificate is issued by Apple and provided to a developer as an indicator that they are a trusted party and the creator of an app. However, that’s not all an app needs to pass the Gatekeeper.
Since macOS 10.15, all software distributed with a Developer ID must be notarized. The developer must provide the app to Apple’s automated notary service that scans the software and performs other checks to ensure it’s safe to run.
A notarized app with a valid Developer ID and a Gatekeeper-readable ticket is trusted by macOS and should run without any issues.
Exceptions are problematic
Like any good bouncer guarding a nightclub, Gatekeeper will automatically stop downloaded apps from proceeding if they don’t have a valid Developer ID and aren’t notarized.
In regular use, this isn’t a big deal. Where it becomes a problem is if you’re using software that hasn’t been notarized at all.
While typically not a good sign, this can be completely innocent, such as if a developer hasn’t updated an app in multiple years. If it’s old enough, it won’t have been updated since notarization became required for Developer ID-associated apps.
How to bypass Gatekeeper for downloaded apps in macOS
- Download and install the app.
- Attempting to run it may show a window explaining it cannot be opened because “Apple cannot check it for malicious software.” Click Ok.
- Open System Preferences and select Security & Privacy.
- If the padlock in the bottom left is locked, click it and authenticate to unlock it.
- Next to the message explaining the app “was blocked from use because it is not from an identified developer,” click Open Anyway.
- Close System Preferences.
- Run the app.
- A notice will reiterate the warning about an inability to check if it is malicious. Click Open.
If it isn’t already obvious based on earlier paragraphs in this article, AppleInsider doesn’t recommend downloading and installing apps to your Mac and bypassing Gatekeeper unless you have good reason to do so.
There may be apps that have been notarized or can be acquired from the Mac App Store that can do the same job and are much safer. If not, you must ensure that the app you want to run is secure before installing it to avoid malware.
Bypassing Gatekeeper is possible and adds a few more steps to getting unmaintained software to run. Just don’t make a habit of it.