Apple claims that millions of fraudulent attempts are made against the App Store and its users each year. The company prevented 21 1.5 billion in fraudulent transactions in 2021, it said, in line with similar frauds in 2020.
How people try to cheat the app store
The company explains how fraudsters try to commit fraud through stores.
These efforts range from relatively unnecessary attempts to shop using stolen or fraudulent credit cards to more complex scams to apps that otherwise work well but silently collect data or carry malware to deceive or defraud users.
Attempts to smuggle malware into the app for on-device fraud are intensifying in 2022. It’s worth noting that malware attempts to hack devices against Android have increased by more than 40% so far this year, indicating that Apple’s concerns are justified.
Apple has rejected thousands of apps, including hidden code and misleading, copycat and privacy abusing apps. Millions of attempts are made each year to create fraudulent customer or developer accounts, the company said, while 3.3 million attempts were made to use stolen credit cards.
Review Fraud Scale
Review fraud – where competitors file invalid ratings and reviews to suppress competitor app sales or encourage users to download unreliable apps – also gets a mention.
Apple says more than one billion ratings and reviews were received throughout 2021, and Apple had to identify and block more than 94 million reviews and 170 million ratings “for failing to meet restraint standards.” Apple has canceled 610,000 reviews since the publication after the complaint and subsequent evaluation.
This data suggests that the scale of review fraud is relatively high, as it indicates that a very large percentage of the billion ratings and reviews made each year are flawed.
App Store developers have been complaining about the practice for years, and the information Apple has released justifies that concern. That being said, it also suggests that the risk of review fraud would be much, much higher if the App Store were out of control.
Apple wants to protect its App Store business
We know that part of the reason the company shares this information is to justify the fees it charges against some developers for selling apps through its store. Apple continues to collect data to support the way Apple runs the App Store business, and Apple explains that level detection of fraud is not cheap. While other app stores may charge lower fees, do they offer the same security or user experience? What if Apple can’t?
[Also read: Why Industry 4.0 must think more like Apple]
Apple really wants regulators to reconsider plans for forcibly siding with apps and other badly thought-out proposals that could undermine the security and safety of its platforms. In that sense, the company is looking for data to show how much of its products are used today in highly confidential and strategically needed industries.
What is the use of network and endpoint security systems when platforms themselves are inherently insecure? How can an enterprise be confident in their growing digital processes if their devices carry a government-directed back door?
These important questions need to be answered rigorously before any decision can be made.
The level at which the App Store experiences fraudulent activity is described, and regulators should take a break to think before applying rash remedies, especially as criminals are becoming more creative about the growing potential for app, app services, and ID fraud.
Older devices are the most risky
Fraudsters are also targeting older mobile devices, according to a survey by NICE Actimize. The study found that in 2021, the number of attempts at banking fraud increased by 41%, with devices running operating systems made before 2016 being three times more likely to be victims of fraud.
About 4% of the currently 2.5 billion active Android devices run a risky repetition of that OS, compared to only 2% of iPhone users who run an OS older than two years. (The number of iPhones running in the 2016 version of iOS is incredibly small).
However, any move to undermine the security that iOS enjoys could weaken many more of us, and the launch of a non-curated app store will do just that.
More news at WWDC?
Just days before Apple hosted its annual developer event, the App Store’s decision to release information about its work in the fight against fraud sent a message that the company would continue to work for privacy and security across its mobile ecosystem. Most recently, the company announced that it would remove older apps that had not been updated from the App Store for three or more years.
Given the extent to which app store fraud is occurring, this seems like a wise move to help protect users from inadvertently using the app so that there may still be exploitative or weak code.
Follow me TwitterOr join me on AppleHolic’s bar & grill and Apple discussion group on MeWe.