diff --git a/.gitignore b/.gitignore
index a95e01289c..9a6daf0cef 100644
--- a/.gitignore
+++ b/.gitignore
@@ -28,3 +28,4 @@ resources.rcc
 resources.qrc
 status-react-translations/
 /.update.timestamp
+notarization.log
diff --git a/Makefile b/Makefile
index e7f3ac64a2..911c8c3113 100644
--- a/Makefile
+++ b/Makefile
@@ -340,6 +340,12 @@ ifdef MACOS_CODESIGN_IDENT
 	scripts/sign-macos-pkg.sh $(STATUS_CLIENT_DMG) $(MACOS_CODESIGN_IDENT)
 endif
 
+notarize-macos: export CHECK_INTERVAL_SEC ?= 30
+notarize-macos: export CHECK_RETRY_LIMIT ?= 20
+notarize-macos: export MACOS_BUNDLE_ID ?= im.status.ethereum.desktop
+notarize-macos:
+	scripts/notarize-macos-pkg.sh $(STATUS_CLIENT_DMG)
+
 NIM_WINDOWS_PREBUILT_DLLS ?= tmp/windows/tools/pcre.dll
 
 $(NIM_WINDOWS_PREBUILT_DLLS):
diff --git a/ci/Jenkinsfile.macos b/ci/Jenkinsfile.macos
index 7323511c9b..92cefd8379 100644
--- a/ci/Jenkinsfile.macos
+++ b/ci/Jenkinsfile.macos
@@ -1,4 +1,4 @@
-library 'status-jenkins-lib@v1.2.15'
+library 'status-jenkins-lib@ci-macos-notarization'
 
 pipeline {
   agent {
@@ -36,6 +36,8 @@ pipeline {
     PATH = "${env.QTDIR}/bin:${env.PATH}"
     /* Control output the filename */
     STATUS_CLIENT_DMG = "pkg/${utils.pkgFilename('dmg')}"
+    /* Apple Team ID for Notarization */
+    MACOS_NOTARIZE_TEAM_ID = "DTX7Z4U3YA"
   }
 
   stages {
@@ -67,28 +69,16 @@ pipeline {
     }
 
     stage('Package') {
-      steps {
-        withCredentials([
-          string(
-            credentialsId: 'macos-keychain-identity',
-            variable: 'MACOS_CODESIGN_IDENT'
-          ),
-          string(
-            credentialsId: 'macos-keychain-pass',
-            variable: 'MACOS_KEYCHAIN_PASS'
-          ),
-          file(
-            credentialsId: 'macos-keychain-file',
-            variable: 'MACOS_KEYCHAIN_FILE'
-          ),
-          string(
-            credentialsId: utils.getInfuraTokenCred(),
-            variable: 'INFURA_TOKEN'
-          )
-        ]) {
-          sh 'make pkg-macos'
-        }
-      }
+      steps { script {
+        macos.bundle()
+      } }
+    }
+
+    stage('Notarize') {
+      when { expression { utils.isReleaseBuild() } }
+      steps { script {
+        macos.notarize()
+      } }
     }
 
     stage('Parallel Upload') {
diff --git a/docs/images/gatekeeper_warning.png b/docs/images/gatekeeper_warning.png
new file mode 100644
index 0000000000..22ea3db823
Binary files /dev/null and b/docs/images/gatekeeper_warning.png differ
diff --git a/docs/macos_notarization.md b/docs/macos_notarization.md
new file mode 100644
index 0000000000..d4cbd39f82
--- /dev/null
+++ b/docs/macos_notarization.md
@@ -0,0 +1,75 @@
+# Description
+
+This document describes the process of notarizing a MacOS application.
+
+# Notarization
+
+The process [Software Notarization](https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution) is necessary to avoid [Gatekeeper](https://en.wikipedia.org/wiki/Gatekeeper_(macOS)) warnings which look like this:
+
+![Gatekeeper Warning](./images/gatekeeper_warning.png)
+
+According to Apple the Notarization process will:
+
+>Give users even more confidence in your software by submitting it to Apple to be notarized. The service automatically scans your Developer ID-signed software and performs security checks. When it's ready to export for distribution, a ticket is attached to your software to let Gatekeeper know it's been notarized.
+
+https://developer.apple.com/developer-id/
+
+The process involves the following steps:
+
+>When you click Next, Xcode uploads your archive to the notary service. When the upload is complete, the notary service begins the scanning process, which usually takes less than an hour. (...) When the notarization process finishes, Xcode downloads the ticket and staples it to your archive. At that point, export your archive again to receive a distributable version of your software that includes the notary ticket.
+
+https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution
+
+# Tickets
+
+>Notarization produces a ticket that tells Gatekeeper that your app is notarized. After notarization completes successfully, the next time any user attempts to run your app on macOS 10.14 or later, Gatekeeper finds the ticket online. This includes users who downloaded your app before notarization.
+
+https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow
+
+# Authentication
+
+The notarization process requires authentication. 
+
+>Add the `username` and `password` options to supply your App Store Connect credentials. Because App Store Connect now requires two-factor authentication (2FA) on all accounts, you must create an app-specific password for `altool`, as described in Using app-specific passwords.
+
+https://support.apple.com/en-us/HT204397
+
+# Tools
+
+Notarization can be performed by Xcode, or using the command line `xcrun altool` utility:
+```sh
+% xcrun altool --notarize-app
+               --primary-bundle-id "com.example.ote.zip"
+               --username "AC_USERNAME"
+               --password "@keychain:AC_PASSWORD"
+               --asc-provider <ProviderShortname>
+               --file OvernightTextEditor_11.6.8.zip
+```
+The request is created which has a UUID assigned to it which can be used to check progress:
+```sh
+% xcrun altool --notarization-info 2EFE2717-52EF-43A5-96DC-0797E4CA1041 -u "AC_USERNAME"
+```
+And once completed the ticket can be "stapled" to the bundle:
+```
+% xcrun stapler staple "Overnight TextEditor.app"
+```
+https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow
+
+# Script
+
+Our process is automated using the [`scripts/notarize-macos-pkg.sh`](../scripts/notarize-macos-pkg.sh) script, which performs all the necessary steps in CI:
+```
+../scripts/notarize-macos-pkg.sh pkg/StatusIm-Desktop-v0.1.0-beta.9-39582e.dmg
+```
+But it requires certain credentials to be provided:
+
+* `MACOS_NOTARIZE_TEAM_ID` - Apple Team ID
+* `MACOS_NOTARIZE_USERNAME` - Apple Dev Portal Username
+* `MACOS_NOTARIZE_PASSWORD` - Apple Dev Portal Password or Keystore with password
+
+# Links
+
+* https://scriptingosx.com/2019/09/notarize-a-command-line-tool/
+* https://stackoverflow.com/questions/56890749/macos-notarize-in-script
+* https://github.com/rednoah/notarize-app
+* https://support.apple.com/en-us/HT204397
diff --git a/scripts/notarize-macos-pkg.sh b/scripts/notarize-macos-pkg.sh
new file mode 100755
index 0000000000..bd5bd07f05
--- /dev/null
+++ b/scripts/notarize-macos-pkg.sh
@@ -0,0 +1,70 @@
+#!/usr/bin/env bash
+
+set -e
+
+[[ $(uname) != 'Darwin' ]] && { echo 'This only works on macOS.' >&2; exit 1; }
+[[ $# -ne 1 ]] && { echo 'notarize-macos-pkg.sh <bundle_to_notarize>' >&2; exit 1; }
+
+# Credential necessary for the upload.
+[[ -z "${MACOS_NOTARIZE_TEAM_ID}" ]] && { echo -e "Missing env variable: MACOS_NOTARIZE_TEAM_ID" 1>&2; exit 1; }
+[[ -z "${MACOS_NOTARIZE_USERNAME}" ]] && { echo -e "Missing env variable: MACOS_NOTARIZE_USERNAME" 1>&2; exit 1; }
+[[ -z "${MACOS_NOTARIZE_PASSWORD}" ]] && { echo -e "Missing env variable: MACOS_NOTARIZE_PASSWORD" 1>&2; exit 1; }
+
+# Path to MacOS bundle created by XCode.
+BUNDLE_PATH="${1}"
+# Notarization request check intervals/retries.
+CHECK_INTERVAL_SEC="${CHECK_INTERVAL_SEC:-30}"
+CHECK_RETRY_LIMIT="${CHECK_RETRY_LIMIT:-20}"
+# Unique ID of MacOS application.
+MACOS_BUNDLE_ID="${MACOS_BUNDLE_ID:-im.status.ethereum.desktop}"
+# Log file path
+NOTARIZATION_LOG="${NOTARIZATION_LOG:-${PWD}/notarization.log}"
+
+function xcrun_altool() {
+    xcrun altool "${@}" \
+        --team-id "${MACOS_NOTARIZE_TEAM_ID}" \
+        --username "${MACOS_NOTARIZE_USERNAME}" \
+        --password "${MACOS_NOTARIZE_PASSWORD}" \
+        --output-format "json" \
+        2>&1 | tee -a "${NOTARIZATION_LOG}"
+}
+
+# Submit app for notarization. Should take 5-10 minutes.
+echo -e "\n### Creating Notarization Request..."
+OUT=$(xcrun_altool --notarize-app -f "${BUNDLE_PATH}" --primary-bundle-id "${MACOS_BUNDLE_ID}")
+# Necessary to track notarization request progress.
+REQUEST_UUID=$(echo "${OUT}" | jq -r '."notarization-upload".RequestUUID')
+
+if [[ -z "${REQUEST_UUID}" ]]; then
+    echo "\n!!! FAILURE: No notarization request UUID found." >&1
+    exit 1
+fi
+echo -e "\n### Request ID: ${REQUEST_UUID}"
+
+# Check notarization ticket status periodically.
+echo -e "\n### Checking Notarization Status..."
+while sleep "${CHECK_INTERVAL_SEC}"; do
+    OUT=$(xcrun_altool --notarization-info "${REQUEST_UUID}")
+
+    # Once notarization is complete, run stapler and exit.
+    if $(echo "${OUT}" | jq -er '."notarization-info".Status == "in progress"'); then
+        ((CHECK_RETRY_LIMIT-=1))
+        if [[ "${CHECK_RETRY_LIMIT}" -eq 0 ]]; then
+            echo -e "\n!!! FAILURE: Notarization timed out."
+            exit 1
+        fi
+        echo "In progress, sleeping ${CHECK_INTERVAL_SEC}s..."
+    elif $(echo "${OUT}" | jq -er '."notarization-info".Status == "success"'); then
+        echo -e "\n### Successful Notarization"
+        break
+    else
+        echo -e "\n!!! Notariztion Error"
+        echo "${OUT}" >&2
+        exit 1
+    fi
+done
+
+# Optional but preferrable to attach the ticket to the bundle.
+echo -e "\n### Stapling Notarization Ticket..."
+xcrun stapler staple "${BUNDLE_PATH}"
+exit $?