I trust no corporate entities, and try to minimize my exposure, but I agree it makes some sense. Apple is too big/public to screw around with making a quick buck by changing terms. They are also likely to have significantly better security posture on every aspect of application development and distribution.

How much stringency does a code/platform change get at Authy vs Apple? However, once you are in the Apple walls, they are just as ruthless at keeping you locked inside, which is why I try to minimize my dependencies where possible.