In October 2024, Captio was removed from the App Store. No dramatic announcement. No corporate acquisition gone wrong. Just a quiet disappearance after 14 years of faithful service. For the thousands of productivity enthusiasts who relied on it daily, the loss was personal. For me, it was a wake-up call -- and ultimately the reason I built Simple Memo.

This is the technical story of what happened. Why a beloved, well-built app died not because of bad code or bad decisions, but because the platform it depended on changed the rules. And what we did differently when we decided to build its successor.

Captio's Rise and Fall: A Timeline

To understand why Captio died, you need to understand what made it remarkable in the first place.

  • ~2010: Captio launches on iOS. The concept was deceptively simple: one text field, one button, sends to your email. No accounts, no configuration, no clutter. You opened the app, typed a thought, tapped send, and it was in your inbox. The entire interaction took less than five seconds.
  • 2010-2015: Quiet, organic growth. Captio never went viral. It spread through word-of-mouth among productivity communities. It appeared in "best iPhone apps" roundups. Journalists, writers, developers, and GTD practitioners adopted it as their default capture tool. The app had a near-perfect App Store rating.
  • 2015-2020: Peak adoption. Captio became a verb in some circles. "Just captio it" meant "send yourself a quick note." The app charged $1.99 as a one-time purchase -- generous pricing for a tool that many users opened dozens of times per day.
  • 2020-2022: The cracks appear. Behind the scenes, the technical landscape was shifting. Captio's core mechanism relied on Gmail API (and later Apple Mail APIs) to send emails directly from the user's device. This was elegant and efficient -- no server infrastructure, no ongoing costs. But it also meant Captio's fate was tied to Google's API policies.
  • 2023: Google tightens the screws. Google announces stricter OAuth scope requirements for third-party apps accessing Gmail. Apps that touch email must now go through enhanced verification. The mail.send scope, which Captio used to send emails on behalf of users, is classified as "restricted."
  • 2024: The economics become impossible. Google's "enhanced security" program requires expensive third-party security audits for apps accessing restricted scopes. The cost ranges from $15,000 to $75,000 depending on the assessor. For a solo developer charging $1.99 once per user, this is a death sentence.
  • October 2024: Captio is removed from the App Store. The developer could not justify the audit cost for a single-function app with no recurring revenue. The servers were shut down. 14 years of quiet, excellent service came to an end.

The irony: Captio did nothing wrong. The app was well-built, well-maintained, and beloved by its users. It died because the API it depended on changed the rules -- and the business model could not absorb the new compliance costs.

The Technical Autopsy -- Why Gmail API Dependency Was Fatal

Let's get into the technical specifics, because the details matter for anyone building on third-party APIs.

How Captio's Email Sending Worked

Captio used the Gmail API's users.messages.send endpoint to send emails on behalf of the user. The flow looked like this:

User types memo → Captio app → Gmail OAuth token → Gmail API (mail.send) → User's inbox

This was brilliant from an infrastructure perspective. Captio needed zero backend servers. The user's own Gmail account handled sending. The app was essentially a lightweight UI wrapper around Gmail's send functionality. No servers to maintain, no deliverability to worry about, no infrastructure costs.

The OAuth flow required the https://www.googleapis.com/auth/gmail.send scope -- a restricted scope that gives the app permission to send emails as the user. Captio did not request broader scopes like full mailbox read access. It was a minimal, focused permission request.

Google's Restricted Scope Verification Process

In 2023, Google started enforcing its Restricted Scope verification process more aggressively. The requirements for apps using restricted scopes include:

  1. Annual security assessment by a Google-approved third-party security firm (CASA Tier 2 assessment)
  2. Cost: $15,000 to $75,000 per assessment, depending on the assessor and scope of the audit
  3. Comprehensive security review covering code quality, data handling, encryption practices, and incident response procedures
  4. Annual renewal -- not a one-time cost, but a recurring expense

Do the math on this. Captio charged $1.99 per download, one time. Assuming the app had a few thousand active installs per year and some new downloads, the total annual revenue might have been $5,000-$15,000. The security audit alone could eat the entire revenue -- before accounting for development time, Apple's 30% cut, or any other expenses.

For a VC-backed company with millions in revenue, a $50,000 security audit is a line item. For a solo developer with a single-function app, it's an extinction event.

The Broader Lesson: Platform Risk Is Existential Risk

Captio's story is not unique. The same pattern has played out across the industry:

  • Twitter API (2023): Hundreds of third-party clients killed overnight when Twitter (now X) moved to paid API access at $42,000/month for basic enterprise tiers. Tweetbot, Twitterrific, and dozens of others were immediately unviable.
  • Reddit API (2023): Apollo, one of the most popular Reddit clients, shut down after Reddit announced API pricing that would cost the developer $20 million per year. A beloved app, killed by an API pricing change.
  • Google Maps API (2018): Google increased Maps API pricing by 1,400%, forcing many small apps and websites to either absorb massive costs or switch to alternatives like OpenStreetMap.
  • Facebook Platform (2018-2020): Post-Cambridge Analytica, Facebook drastically restricted API access. Apps that had built their entire businesses on Facebook's social graph lost access to their core data source.

The pattern is always the same: a platform offers generous API access to attract developers, developers build businesses on that access, and then the platform changes the rules. Sometimes for legitimate security reasons. Sometimes for revenue extraction. The motivation doesn't matter to the developer whose app just died.

If your core feature depends entirely on a third-party API, you don't have a product -- you have a feature of someone else's product. And they can revoke that feature at any time, for any reason, with no recourse.

Building the Replacement -- Our Architecture Decisions

When I decided to build Simple Memo, the Captio post-mortem was the starting document. Every architectural decision was filtered through one question: Could this kill us?

Decision 1: No Gmail API Dependency

This was non-negotiable. The entire point of building a Captio successor was to avoid Captio's fate. We would not use Gmail's API, Apple Mail's API, or any other email provider's API to send messages on behalf of users.

Instead, we built our own mail relay. The app sends memos through our infrastructure, not the user's email account. This means we control the entire email delivery pipeline. No third party can shut us down by changing their OAuth policies.

Decision 2: Cloudflare Workers for Edge Compute

The backend runs on Cloudflare Workers. Here's why:

  • $0 for the first 100,000 requests per day. For a single-function app with a focused user base, this means our compute costs are literally zero for the foreseeable future.
  • Sub-50ms latency globally. Workers run on Cloudflare's edge network -- over 300 data centers worldwide. Whether you're in Tokyo, San Francisco, or London, your memo hits a nearby server.
  • No cold starts. Unlike AWS Lambda or Google Cloud Functions, Workers don't have cold start latency. The first request is as fast as the thousandth.
  • V8 isolate architecture. Workers use V8 isolates instead of containers, which means sub-millisecond startup times and significantly lower memory overhead.

The Worker receives the encrypted memo from the app, decrypts it, formats the email, and forwards it to our email delivery provider. The entire server-side processing takes under 30ms.

Decision 3: Resend for Email Delivery

For the actual email delivery, we chose Resend over established players like SendGrid and Mailgun. The reasons were practical:

  • Developer experience. Resend's API is clean and modern. The SDK works well with Workers. Integration took hours, not days.
  • Deliverability. Resend handles SPF, DKIM, and DMARC configuration automatically. Our emails land in inboxes, not spam folders.
  • Transparent pricing. $0 for the first 3,000 emails/month, then straightforward per-email pricing. No hidden fees, no "enterprise" upsells.
  • Modern infrastructure. Built on AWS SES under the hood but with a much better developer layer on top.

The Complete Architecture

iPhone App (UIKit) → AES-GCM Encryption (on-device) → HTTPS → Cloudflare Worker (edge) → Resend API → User's inbox

The total infrastructure cost: approximately $5 per month at current usage levels. That's $60/year to run a globally distributed, encrypted email relay with sub-100ms end-to-end latency.

Compare this to Captio's infrastructure cost of $0 -- which was the vulnerability. Captio paid nothing because it offloaded everything to Gmail. When Gmail changed the rules, there was no alternative. Our $5/month is insurance against platform risk. We own every piece of the stack from app to inbox.

Decision 4: End-to-End Encryption

Every memo is encrypted on-device before it leaves the user's phone using AES-GCM (Advanced Encryption Standard in Galois/Counter Mode). This is the same encryption standard used by Signal, WhatsApp, and most modern secure messaging apps.

The encryption happens before the HTTPS layer, meaning:

  • The memo is encrypted in the app's memory
  • The encrypted payload is sent over HTTPS (double encryption)
  • The Cloudflare Worker decrypts and processes the memo
  • The plaintext is never stored on disk or in any database
  • After the email is sent, the plaintext is garbage collected from memory

Captio had no encryption layer. Your memo traveled from app to Gmail API as plaintext (over HTTPS, but readable by the API endpoint). This wasn't a criticism of Captio -- encryption wasn't a standard expectation for apps of that era. But in 2026, we can and should do better.

Decision 5: Outbox Architecture for Offline Support

One of Captio's weaknesses was offline behavior. If you had no internet connection, you couldn't send. Your thought was lost or you had to remember to come back later.

Simple Memo implements an Outbox architecture:

  1. User writes a memo and taps send
  2. The memo is immediately encrypted and stored in a local SQLite-backed queue
  3. If network is available: the memo is sent immediately and removed from the queue
  4. If network is unavailable: the memo stays in the encrypted queue
  5. A background task monitors connectivity and automatically drains the queue when the network returns
  6. The user sees a clear status indicator: "Sent" or "Queued (will send when online)"

This means you can use Simple Memo on a plane, in the subway, in a rural area with no signal -- anywhere. Your memos will reach your inbox eventually, guaranteed. You never have to think about it.

The Performance Story -- 0.3 Second Launch

Speed was Captio's defining characteristic, so it had to be ours too. Our target: the app must be ready for typing within 0.3 seconds of tapping the icon. Here's how we got there.

UIKit Over SwiftUI

This will be controversial. SwiftUI is the future of iOS development, and for most apps, it's the right choice. But for an app where launch-to-interactive time is the single most important metric, UIKit still wins.

SwiftUI's view rendering pipeline has overhead that's invisible for complex apps but measurable when you're trying to shave milliseconds from launch. Our main screen has one text view, one button, and a status bar. The UIKit implementation renders in under 16ms (one frame). The equivalent SwiftUI implementation consistently added 40-60ms.

For a social media app or a settings screen, nobody notices 60ms. For an app whose entire value proposition is "faster than anything else," 60ms is the difference between perception of "instant" and "almost instant." We chose UIKit.

Pre-warming and State Caching

The app aggressively caches its state between sessions:

  • The user's email configuration is loaded from Keychain during application(_:didFinishLaunchingWithOptions:)
  • The text view is pre-configured with the correct font, color, and keyboard settings before the first frame renders
  • The keyboard is requested to appear immediately -- no animation delay
  • Network reachability status is cached, so the app doesn't block on a network check

No Login Screen, No Onboarding Flow

Many apps waste their launch budget on splash screens, onboarding carousels, and login flows. Simple Memo has none of these. The first screen IS the compose screen. Always. You open the app and you're typing.

Email configuration happens in Settings, and only once. After that, the app remembers everything. There's no login because there's no account system. Your email address is stored locally in the Keychain.

Network After UI

A critical decision: the network call happens AFTER the UI is interactive, not before. When you tap send, the app immediately clears the text view and shows a "Sent" indicator. The actual network request happens asynchronously. If it fails, the outbox catches it and retries.

This means the perceived send time is near-zero. You tap, the screen clears, you're done. The actual delivery might take 100-300ms in the background, but you've already moved on with your day.

The result: 0.3 seconds from icon tap to cursor blinking in the text field. For a detailed speed comparison with other apps, see our full benchmark on the Captio Alternative page.

Lessons for Indie Developers

Building Simple Memo taught me lessons that apply far beyond "note-to-email" apps. Here's what I'd tell any indie developer starting a new project today.

1. Own Your Critical Path

If your core feature depends on a third-party API, you are one policy change from shutdown. This is the central lesson of Captio's death, and it's not hypothetical -- it has happened to Tweetbot, Apollo, and hundreds of other apps.

"But the API is stable," you say. It is stable until it isn't. Google's Gmail API was stable for over a decade before the restricted scope requirements changed the economics for small developers.

This doesn't mean you should never use third-party APIs. It means you should never use them for your critical path -- the thing your app cannot function without. Use them for nice-to-have features, analytics, or secondary functionality. For your core value proposition, build it yourself or ensure you have a migration path.

2. Budget for Independence

Captio's $0 infrastructure cost was its vulnerability. When the free option disappeared, there was no budget allocated for an alternative because the app had been designed around the assumption of zero infrastructure cost.

$5 per month for your own infrastructure is insurance, not overhead. It's the difference between a business that can survive API changes and one that can't. If $5/month feels expensive, the business model needs work, not the infrastructure.

When you run your own stack -- even a tiny one -- you have options. When the third party changes, you can migrate your backend in a weekend. When you have no backend, you're starting from zero in a crisis.

3. One-Feature Apps Can Work, But Diversify the Revenue

Captio proved that a single-feature app can sustain a user base for 14 years. The simplicity was the product. But the one-time purchase model at $1.99 couldn't sustain the app when compliance costs appeared.

If Captio had charged $0.99/month -- a trivial amount that most users would never notice -- the developer would have had recurring revenue to fund the security audit. The $15,000-$75,000 audit cost is devastating against one-time purchases but manageable against a subscription base of even a few thousand users.

This isn't about maximizing revenue. It's about building a financial foundation that can absorb unexpected costs. Subscriptions provide that foundation. One-time purchases don't.

4. Build Offline-First

Your app should work without the internet, not just "tolerate its absence." This is a design philosophy, not a feature checkbox.

Offline-first means the local state is the source of truth. The network is a synchronization mechanism, not a dependency. When the network is available, sync. When it's not, the app works exactly the same -- the user just gets a "will sync later" indicator instead of a "sent" indicator.

This philosophy makes your app resilient not just to the user's network conditions but to your own infrastructure failures. If your server goes down for an hour, offline-first users don't notice. Their memos queue locally and send when things recover. Compare this to an app that shows an error dialog and loses the user's input.

5. Ship the Simplest Thing, Then Iterate

Simple Memo launched with one screen. It still has one screen. The text field, the send button, and a settings gear. That's it.

There's enormous pressure -- internal and external -- to add features. Tags, folders, rich text, images, collaboration. Every feature request feels reasonable in isolation. But every feature you add is a feature you must maintain, a feature that can break, and a feature that makes the app slower to launch.

Captio resisted feature creep for 14 years. That discipline was its greatest strength and what made its users so loyal. We intend to maintain the same discipline. The app's value is not in what it does -- it's in what it doesn't do.

What's Next

Simple Memo is actively maintained and under continuous development. We're exploring a few directions -- Apple Watch support for even faster capture, Siri Shortcuts integration for voice-first workflows, and improved widget capabilities -- but we're being deliberate about what earns a place in the app.

The core promise will not change: one screen, instant capture, your inbox. Everything else is a bonus.

If you're a Captio user looking for a new home, check out the full comparison or read the migration guide. The transition takes about three minutes.

If you're an indie developer building something similar -- or just navigating the same platform-dependency challenges -- I'd genuinely love to hear your story. Reach out via the contact page or find me on X/Twitter.

Download Simple Memo on the App Store -- free to start, with a 7-day unlimited trial.

Disclosure: I'm AI Ataka, the solo developer of Simple Memo. This is a first-hand account of why I built this app and the technical decisions involved. I've tried to be honest about the tradeoffs: Captio was a great app, and its shutdown was caused by API policy changes, not by any fault of its developer. I built Simple Memo because the problem Captio solved still matters, and I believe the architecture described here is more resilient to the same risks.

Related Articles