Apple Claims App Store Security Features Prevented Over $2 Billion in Fraudulent Transactions in 2022

[applepotato666]

Personally I don't care whatever happens as I purchase Apple devices knowing I can't sideload, but I do believe the option should be there. Not for the alternative app stores, but because Apple can reject apps from their App Store for any other reason than security and can get political or in defense of their own interests.
The 'then don't buy an iPhone' argument is not valid when you can indeed purchase an iPhone knowing it supports a particular app, then have it taken away from you because Apple decided so. Allowing the option to sideload is better for everyone. Nobody is going to go through the hoops of sideloading stuff when the App Store is right there, unless they need to.

P.S. It is scam apps galore on the App Store. Sure, it's not as bad as Play Store, but it's not that much better either and on the iOS side those apps mysteriously tend to rank high and be among the first ones that you find when searching for an app with a particular function. Apple could have interest in ranking a PDF scanner app that costs 60 euros/month (insanity) as the first result when you search for an app that does exactly the same thing the inbuilt Notes app or Ad*be's equivalent.

 

[JamesHolden]

As along as Apple is not responsible for any security/privacy intrusions and damages a customer could incur as a result of sideloading.

If you choose to sideload apps, you're on your own if something bad happens.

This is such a silly argument. Apple isn't responsible for "damages" on the Mac. Microsoft isn't responsible for "damages" on Windows. What does that even mean??? I see this argument, among other nonsensical ones, parroted on here every time the App Store comes up, but seriously, what "damages" are you even talking about? And who is responsible for such "damages" today on other platforms that, gasp!!!, allow sideloading?

 

[Motawa]

90% of this is because of in app purchase bs

 

[BaldiMac]

No word on why/how scam subscription apps continue to be top-rated apps. No word on why searching for a trademarked app name gives dozens and dozens of scam apps that use a trademarked name in the app title to lure customers away from purchasing the app they really are search for. Honestly, a multi-trillion dollar company cannot be bothered to tighten up the app store to reduce these scams/frauds. Instead Apple cites that they caught "...the use of fradulent credit cards...". Something every retailer deals with. When I go into Walmart I do not have to sift thru a few dozen brands of "Simple Green Degreaser" to find the one bottle actually made by Simple Green, because Walmart does not stock rip-offs. Try again Tim.

Seems like your ignoring the context these numbers provide just to complain that they're not perfect. They're certainly not perfect. Just significantly better than any of the alternatives.

Not to take away from the larger point that Apple should continue to get better.

 

[Kkspire]

Not surprised at all by this. Consumers don’t realize how bad it is because they don’t experience it thanks to the work companies do behind the scenes. Apple is very right on this one. Legislatures usually have no idea and just want to look like they win something, while harming consumer.

 

[Wildkraut]

Yeah Apple sure, you're so helpful and protective! *cough*

https://forums.macrumors.com/threads/stolen-iphone-criminals-have-full-control-and-apple-cannot-help.2388366/

 

[erikkfi]

I’m glad none of the pro-competition legislation is intended to stop Apple from running their own App Store, but none of these figures convince me that people shouldn’t be able to install whatever they want on a device they own.

 

[citysnaps]

This is such a silly argument. Apple isn't responsible for "damages" on the Mac. Microsoft isn't responsible for "damages" on Windows. What does that even mean??? I see this argument, among other nonsensical ones, parroted on here every time the App Store comes up, but seriously, what "damages" are you even talking about? And who is responsible for such "damages" today on other platforms that, gasp!!!, allow sideloading?

What I posted is pretty clear. If you suffer a loss (privacy, security, $$$$$, etc) on an iOS device because you choose to sideload, you are on your own.

Makes no difference what Apple does or does not do with respect to the Mac and what they're responsible for. Apple is free to implement any policy they want. I wouldn't be surprised if Apple adds something similar to the above to their terms of service for iOS devices for people who choose to sideload.

 

[falkon-engine]

That's all cool and everything but not a reason to not open up the App Store...

 

[TechnoMonk]

Yeah Apple sure, you're so helpful and protective! *cough*

https://forums.macrumors.com/threads/stolen-iphone-criminals-have-full-control-and-apple-cannot-help.2388366/

Apple didn’t give the criminals Passcode, the device owner did. Only thing Apple needs to fix is making iCloud password changes confirmed by second trusted device or force password to change password, if there is no trusted device. The thief’s could have still used Apple pay to buy charges, and put phone in airplane mode to go through emails and photos at leisure.

 

[robbietop]

Epic will totally have enough resources to beat those numbers for their Third Party App Store. I believe it. LOL who are we kidding, Epic can't even win a court argument with public opinion in their favor.

Just imagine all the malware and garbage a third party App Store will have if this is Apple fighting the deluge.

 

[JamesHolden]

What I posted is pretty clear. If you suffer a loss (privacy, security, $$$$$, etc) on an iOS device because you choose to sideload, you are on your own.

Makes no difference what Apple does or does not do with respect to the Mac and what they're responsible for. Apple is free to implement any policy they want. I wouldn't be surprised if Apple adds something similar to the above to their terms of service for iOS devices for people who choose to sideload.

Like I said, a total nonsense argument.

Apple isn't responsible today for "damages" caused by side-loading on the Mac, just like Microsoft, Google, etc. aren't responsible on their platforms. It's absurd to even think that Apple could somehow be held responsible for the things you describe. Completely absurd argument that has absolutely no basis whatsoever in reality.

You're making up imaginary liability scenarios that don't exist today on any platform and there's absolutely no reason to believe that iOS would be held to a different legal standard.

 

[Wildkraut]

Apple didn’t give the criminals Passcode, the device owner did. Only thing Apple needs to fix is making iCloud password changes confirmed by second trusted device or force password to change password, if there is no trusted device. The thief’s could have still used Apple pay to buy charges, and put phone in airplane mode to go through emails and photos at leisure.

They don't even tried help to block and reset the guys AppleID.

Apple allows the thief to change the AppleID password without typing in the old one, they allowed the thief to lockout the legit owner, but doesn't want to help to block and reset AppleID to prevent further frauds.

That's 100% Apples fault.
Apples security by obscurity, just like their Security fairy tale on page 1.

 

[BaldiMac]

Like I said, a total nonsense argument.

Apple isn't responsible today for "damages" caused by side-loading on the Mac, just like Microsoft, Google, etc. aren't responsible on their platforms. It's absurd to even think that Apple could somehow be held responsible for the things you describe. Completely absurd argument that has absolutely no basis whatsoever in reality.

You're making up imaginary liability scenarios that don't exist today on any platform and there's absolutely no reason to believe that iOS would be held to a different legal standard.

I agree the argument is silly, but it’s hardly imaginary. From tech support experience, people installing dumb stuff will cause more problems for their support staff to deal with. Often hard to diagnose.

 

[platinumaqua]

I didn't know pushing for junk apps with ongoing subscriptions and in-app purchases are security features.
IAPs/subscriptions/trackers in apps have put me off from downloading apps entirely.

 

[cuiver]

Another area that needs Apple's attention regarding scammers, is robot calls. Why don't you implement smart features like Google's Call Screen? Native on screen warnings for cloned numbers and reported scammers? I know that there is no 30/15% tax there to harvest...

 

[JamesHolden]

I agree the argument is silly, but it’s hardly imaginary. From tech support experience, people installing dumb stuff will cause more problems for their support staff to deal with. Often hard to diagnose.

It's not just silly, it's complete nonsense.

As for people installing dumb stuff, that will never end no matter how well any app store is policed. Is there any data that shows one company having complete control over apps on its platform results in fewer tech support problems? How would one even quantify this?

 

[TechnoMonk]

They don't even tried help to block and reset the guys AppleID.

Apple allows the thief to change the AppleID password without typing in the old one, they allowed the thief to lockout the legit owner, but doesn't want to help to block and reset AppleID to prevent further frauds.

That's 100% Apples fault.
Apples security by obscurity, just like their Security fairy tale on page 1.

Like I said Apple needs to change method of iCloud password changes. But thief could have pretty much robbed, accessed photos and emails even with out touching iCloud account. By the time OP in the post realized, thief could have just put the phone on airplane mode, turned off Bluetooth, Wi-Fi, and did what ever he wanted to.
Here is the simple fact, don’t give your passcode away.

 

[BaldiMac]

It's not just silly, it's complete nonsense.

Like I said, it’s certainly not nonsense based on my own tech support experience.

As for people installing dumb stuff, that will never end no matter how well any app store is policed.

That’s just a false dichotomy. Perfect and not perfect are not the only two choices. The App Store certainly reduces the problem significantly.

 

[JamesHolden]

Like I said, it’s certainly not nonsense based on my own tech support experience.

The nonsense part of that person's argument is the part where Apple will somehow be held responsible for "damages" if they allow sideloading, that if the user suffers some (vague) "loss", because of sideloading (again, how? what? huh?), Apple will somehow be held responsible. Apple isn't held responsible for such (vague) "damages" on the Mac, nor are Microsoft, Google, Samsung, or anyone else held responsible on their respected platforms. It's chicken little talk.

That’s just a false dichotomy. Perfect and not perfect are not the only two choices. The App Store certainly reduces the problem significantly.

What problem are you talking about? Tech support?

 

[BaldiMac]

The nonsense part of that person's argument is the part where Apple will somehow be held responsible for "damages" if they allow sideloading, that if the user suffers some (vague) "loss", because of sideloading (again, how? what? huh?), Apple will somehow be held responsible. Apple isn't held responsible for such (vague) "damages" on the Mac, nor are Microsoft, Google, Samsung, or anyone else held responsible on their respected platforms. It's chicken little talk.


What problem are you talking about? Tech support?

I mean, I think it’s reasonable to read his claim as that Apple shouldn’t have to support devices that have sideloading enabled. Which is what I was addressing.

Again, I don’t agree with his point, but I don’t think it’s nonsense.

 

[Wildkraut]

Like I said Apple needs to change method of iCloud password changes. But thief could have pretty much robbed, accessed photos and emails even with out touching iCloud account. By the time OP in the post realized, thief could have just put the phone on airplane mode, turned off Bluetooth, Wi-Fi, and did what ever he wanted to.
Here is the simple fact, don’t give your passcode away.

Yeah, but he didn't give the password away.
Theft happens all the time, and a phone can easily be snitched out of your hands, except if you force hold it in your hands, or press it against your head like Hulk while making a call.

This security issue/hole has even the potential to render all your liked Apple devices useless, all tied together, a single point of failure. Apple could also have asked for a credit card, ID or passport verification, to verify, block and reset the account.

Luckily VISA and MasterCard aren't morons like Apple and allows their customers to deactivate their credit cards, and that's why ApplePay also sucks.

It's one of the downsides trusting Apple with your data "secured" in their ecosystem.

 

[JamesHolden]

I mean, I think it’s reasonable to read his claim as that Apple shouldn’t have to support devices that have sideloading enabled. Which is what I was addressing.

Again, I don’t agree with his point, but I don’t think it’s nonsense.

The devil is in the details, I suppose. Obviously, Apple shouldn't be responsible for issues caused by sideloaded apps within those apps. If it's a scam app, it's a scam app. Buyer beware. But sideloading shouldn't give Apple a blank check to not support their customer. That would be a very bad precedent to set, just as I think having a single platform gatekeeper is a very bad one.

 

[BaldiMac]

The devil is in the details, I suppose. Obviously, Apple shouldn't be responsible for issues caused by sideloaded apps within those apps. If it's a scam app, it's a scam app. Buyer beware. But sideloading shouldn't give Apple a blank check to not support their customer. That would be a very bad precedent to set,

I agree.

just as I think having a single platform gatekeeper is a very bad one.

Except for this part.

 

[ifxf]

It would be nice to know the average age of fraudulent accounts. If takes months or years to detect them then Apple’s detection process won’t prevent much fraud.