"Install Spotify" can't be opened because Apple cannot check it for malicious software

Catalina requires all apps that are signed with developer IDs to be 'notarized' by Apple. In the absence of an updated version from the developer, you can try the following:

  1. Right-click and select "Open". This may bring up the same dialog, but with an option to Open the file anyway.

  2. You can get round this by removing the quarantine Extended Attribute on the file:

    xattr -d com.apple.quarantine /path/to/file

Naturally, this bypasses Apple's security precautions which exist to stop maliciously altered software from running.


  • for older version of macOS

System Preferences -> Security & Privacy -> check Allow Anywhere

  • for macOS Sierra, High Sierra, Mojave

$ sudo spctl --master-disable

But if the Move To Trash issue still exists. This is because Apple has removed TNT certification. You may use codesign to resign it:

$ codesign --sign - --force --deep <app-path>
  • for macOS Catalina

I think codesign sometimes doesn't work for the notarization issue recently, so you should use xattr to remove the quarantine:

$ xattr -d com.apple.quarantine <app-path>

I have got a conclusion. When installing app from 3rd party on different macOS, you can try different ways when it comes up to Move to Trash issue. Meanwhile, I think this is a common issue for 3rd party apps, so you may change the title question to something that contains Cannot be opened or Move to trash as well.


This is a notarization issue with Spotify on Catalina. Although you can right-click to open, you should be extremely cautious with that! That bypasses the mechanisms macOS is using to try to protect you from malware.

If you use this method to open something that you know, with 100% certainty, is actually from Spotify, that is a temporary workaround. But the failing here is that Spotify didn't get their software notarized despite knowing since at least June that it would be a requirement for Catalina. Please let Spotify know that you are dissatisfied with this level of carelessness, and do the same with any other vendor whose Mac software is not yet notarized.


I was facing the same issue while I was trying to install .Net Core 2.2 SDK.

dotnet-sdk-2.2.207-osx-x64 (1).pkg” can’t be opened because Apple cannot check it for malicious software.

And as mentioned in this forum entry all I had to do was to press the CTRL key while the installation was going on. I am not a Mac fan and that was the first time I was using the same, so I am not sure what happened when I was pressing CTRL key. Sharing this info for people who needs a quick resolution to this problem.


You can fix this problem by right-clicking on that .dmg or .pak file and choose open.

Here is the video to fix that type problem:

https://youtu.be/6Cjpo3uKHLw