Apple wants to make sure you’re only working with safe software on your Mac (and, naturally, it prefers you get that software from the Mac App Store).
This means you may get frequent pop-up dialogs asking for permission to: access different parts of your Mac’s operating system or hardware; access your photos, contacts, etc.; and update you with notifications, and perhaps to access your contacts, photos, and more.
Apple’s own Gatekeeper tech has been doing this for some time. Gatekeeper is designed to help protect users from downloading and installing malicious software by checking for a Developer ID certificate from apps distributed outside the Mac App Store.
When you install Mac apps, plug-ins, and installer packages from outside the Mac App Store, macOS checks the Developer ID signature to verify that the software is from an identified developer and that it’s not been altered. By default, macOS Ventura also requires software to be notarized. Before opening downloaded software for the first time, macOS asks for your approval if the app isn’t from the Mac App Store.
By default, the security and privacy preferences of your Mac are set to allow apps from the Mac App Store and identified developers. For extra security, you can chose to allow only apps from the App Store or from the App Store and identified developers.
In System Settings, click Privacy & Security. Scroll down until you see Security. Now you can choose to allow apps downloaded from either “App Store” or “App Store and identified developers.
I personally leave the latter enabled and haven’t had any issues. If your Mac — like mine — is set to allow apps from the Mac App Store and identified developers, the first time that you launch a new app, your Mac asks if you’re sure you want to open it. An app that has been notarized by Apple indicates that Apple checked it for malicious software and none was detected.
If you have set your Mac to allow apps only from the App Store and you try to install an app from elsewhere, your Mac will say that the app can’t be opened because it wasn’t downloaded from the App Store.
If your Mac is set to allow apps from the App Store and identified developers, and you try to install an app that isn’t signed by an identified developer or—in macOS Ventura—notarized by Apple, you also see a warning that the app can’t be opened.
If macOS detects that an app that it thinks has malicious content, it will notify you when you try to open it and ask you to move it to the Trash.
However, if you really want to run software that hasn’t been signed and notarized (though I’d advise against this) you can. If you later decide to give a denied app access to your Mac—choose Apple menu > System Settings, click Privacy & Security in the sidebar, then click Accessibility on the right.
Now you can turn permission on or off for any app in the list. If you don’t see the app you want to grant permissions for, click the Add button at the bottom of the list of apps, search for the app, select it, then click Open.
