What to check before you buy an app business
When people buy an app, they check the revenue, the downloads, and the reviews. Almost nobody checks the thing they are actually buying, which is the codebase. The revenue can walk away. The code is what you own the day after the transfer.
I have spent 9+ years building and fixing iOS apps, and I now audit codebases for a living. Here is what I would check before wiring money for an app, in the order I would check it.
Can anyone else actually ship this app?
Ask the seller to hand the project to an engineer you trust and have them build it from a clean checkout. Not from the seller’s laptop. From the repository, on a fresh machine, following whatever setup notes exist.
You would be surprised how often this fails. Missing configuration, keys that live only on one machine, a signing setup nobody documented, a build that depends on a folder the seller forgot exists. If the app only ships from one person’s laptop, you are not buying an app. You are buying a dependency on the seller.
Who owns the code inside the code?
Most apps are part original work, part open source libraries, and part code a contractor wrote years ago. Three questions matter. Are the library licenses compatible with a commercial app? Did every contractor sign over their work? Is there code copied from somewhere it should not have been copied from?
This is boring to check and expensive to skip. A license problem does not show up in a demo. It shows up later, when you are bigger and worth suing.
How close is the app to breaking on its own?
An app can be profitable and still be a few months from trouble. Old SDK versions, deprecated APIs, a minimum OS version Apple is about to move past, a third-party service that announced its shutdown. None of this shows in screenshots. All of it is visible in the code and the dependency list.
The question is not whether the app works today. It is how much of it stops working if the seller does nothing for a year, because for the first months after the sale, you are effectively the seller who does nothing.
What is the backend, and is it in the deal?
Most apps lean on a server. Sometimes the seller owns it. Sometimes it is a collection of services under the seller’s personal accounts. Find out what it costs per month, what happens if your user count doubles, and whether every account transfers with the sale. An app whose backend stays behind is a screenshot of a business.
Where does the money touch the code?
You do not need every file to be beautiful. You need the screens and flows that earn the money to be changeable, because your growth plan is a list of changes. If the purchase flow lives in one giant file that no test covers, your first improvement to it is a gamble, and so is every one after that.
What does the release history say?
Look at the update cadence and the crash reports. An app that shipped monthly and then went quiet for a year is telling you something. So is a crash rate the seller cannot explain. Code tells you what the app is. History tells you how it got there and how hard it fought back.
The red flags that end deals
No repository history, just a zip file. A seller who will not let an engineer see the code before the sale. A build that needs the seller present. Licenses nobody can name. A backend bill nobody can show you. Any one of these is a discount conversation. Two or more is usually a walk away.
What this looks like as a service
This list is exactly what my app audit covers. I go through the codebase and the app for 7 to 10 working days and deliver a scored report across five lenses, with every risk priced in plain terms and a prioritized plan. Sellers get the same report shown to them, so it doubles as your negotiation sheet.
The audit is 2,900 euro, fixed and agreed before we start, and it fits inside a normal purchase window. Next to the price of the business you are buying it is a rounding error, and it is the only number in the deal produced by someone with no stake in it closing. There is a real 9 page sample report on the audit page, from a public codebase of about 230,000 lines, so you can see the exact format before you spend anything.
If you are about to buy an app on trust and screenshots, spend a fraction of the price first to find out what you are actually buying.