Apple’s App Store is often called a “walled garden.” Apple has a team of reviewers that inspect every submission and update for over 2 million iPhone and iPad apps.
But apparently, there are some snakes that have made their way into the walled garden — and they’re stealing money from iPhone users, sometimes as much as $120, in the form of in-app purchases.
Two examples popped up over the weekend that use the iPhone’s fingerprint scanner to trick the user into purchases they didn’t intend to make.
One app, highlighted by 9to5Mac, an Apple blog, told users that it would read your heart rate through your fingerprint. All the user had to do was hold their fingerprint on the Touch ID scanner — which, coincidentally, is how you approve an in-app purchase.
Then the app developer would take a large amount of money from your credit card. (Obviously, iPhones can not take heart-rate readings through the fingerprint scanner.)
Check out this very similar example from an app called Fitness Balance, shared on Reddit:
Apple didn’t respond to a request for comment on how consumers can protect themselves from these scams and whether users are eligible for a refund, but the Apple Support account said on Twitter: “Thank you for bringing this to our attention. This has been forwarded to the appropriate team for further review.”
The apps discussed on Reddit and in 9to5Mac have been removed from the App Store.
Scams on the App Store seem to be rising as the store becomes larger and revenue from apps becomes more central to Apple’s business strategy. Apple recently said it would stop revealing iPhone unit sales, instead preferring to focus investor attention on its online services business, of which the fees collected by the App Store are one of the largest components.
In fact, Apple is actively encouraging its developers to adopt a subscription model for their apps, enabling Apple to collect regular recurring revenue from users.
But as this happens, many indie developers are raising issues with what seems like Apple’s arbitrary approach to App Store approvals. Many creative and high-quality app developers complain that their apps are delayed or removed over what appears to be ticky-tacky violations of the App Store guidelines, while scam apps often appear on the store’s top-grossing charts.
“I’ve been pestering Apple for years publicly and privately about the manipulation and outright scams going on in the App Store. Apple has made some progress here and there, but overall Apple’s strictness in some areas and hands-off approach in others has disproportionately rewarded bad actors while stifling conscientious developers,” developer David Barnard recently wrote in a post widely shared in the Apple developer community.
Apple’s control over the App Store may also raise legal issues, such as the pricing challenge that the Supreme Court heard arguments about earlier this year.
Still, Apple sees its human-curated and monitored App Store as a key differentiator from competitors like Google and Amazon, which largely use a more algorithmic approach to policing content on their platforms.
According to Apple CEO Tim Cook, human review on the App Store helps with “improving and raising the bar,” and helps protect user privacy from apps that might steal data from users. “What you sell in that store says something about you, and if you don’t want to sell that other thing, you don’t sell it,” Cook said.