Going through Apple doesn't warrant security either.
An honest AND open statement would be informing the customer that "it uses external purchases that may OR may not be secure and that customers need to satisfy themselves.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Slaps Warnings on Apps Using External Purchases in the EU [Updated]
- Thread starter MacRumors
- Start date
- Sort by reaction score
An honest AND open statement would be informing the customer that "it uses external purchases that may OR may not be secure and that customers need to satisfy themselves.
Don’t you know that stealing card information is a big business for criminals? There’s a reason you have to be careful where you enter it online.
That is what makes it logical that there is a warning when the burden of vetting the payment processor is pushed to the consumer.
Actually Apple backs it. If there's a security breach, Apple will be responsible and will compensate users if Apple fails to protect the user.
"Honest" is new.
"It uses external purchases." does not make any mention of whether or not it's secure. That's honest.
You did:
I just downloaded the Westlotto and the Lotto Baden-Württemberg apps on my iOS device:
https://itunes.apple.com/de/app/id485632835
https://apps.apple.com/de/app/id903035939
...without having a valid payment method on file in my Apple/App Store Account.
...without physically being located in Germany
...without having been assigned a German IP address.
Last edited:
Change your Apple Account country or region - Apple Support
Before you update your location, you must spend your account balance, cancel your subscriptions, and get a payment method for your new country or region.
I'm sure you had a valid payment info at one point which validates your account for Germany use and then removed it. That's more than enough for Apple to verify you're a valid German user to download those apps. Either that or you acquired the iPhone in Germany which again, validates you as a German user.
Sorry, but you're still wrong here.
Again: Online transactions require two-factor authentication - as required by law.
The payment card provider is otherwise liable for transactions that the customer did not authorise.
When you "change" your current country.
Only when you change your current country - cause that's what the link is about.
Not when you create an account.
Boy, do you have a confidence!
You're not understanding here. The point of a malicious actor is to not follow the law and steal user info.
Boy did you not read: "Either that or you acquired the iPhone in Germany which again, validates you as a German user."
You're not understanding:
My bank, which issued my credit card, isn't a malicious actor. They follow the law.
And they're liable for online transactions without strong customer authentication (that I did not authorise).
My iOS device (or rather, my iPad device in this case) was not acquired in Germany.
Not talking about your bank. Talking about my app you downloaded from the App Store written by me, being a malicious actor, something that Apple explicitly warns about external purchases on the App Store.
You then input a debit card details on my website. I use that to buy bitcoins. And you'll never get your money back because you used a debit card instead of a credit card.
Understand?
In the EU the same is not true for a debit card since the law regulating that is much weaker for the consumer than with credit cards, it is also not true even with credit cards if you can be found to have been negligent. Loads of people lose their money (and don’t get it back) every year to card fraud.
I really don’t understand why people are against this, only uninformed consumers would get scared by what Apple put there and uninformed consumers are the ones that need to take extra care. My mother is one of those uninformed consumers and I think it is great if there’s a warning for people like her, means I don’t have to start installing every app on her phone in the future.
They don't "warn" about external purchases for "physical goods".
Which may turn out not to be so physical (or not even exist).
then the app you acquired isn't region locked specifically in Germany
case and point:
https://apps.apple.com/pl/app/westlotto/id485632835 west lotto can be purchased in poland. same app id.
🤦♂️🤦♂️🤦♂️🤦♂️🤦♂️🤦♂️🤦♂️🤦♂️🤦♂️🤦♂️🤦♂️
dude I'm out. have a good one. you're being deliberately disingenuous with your arguments and i don't have time to play this game with you.
The regulation (PSD2) applies just as well to debit cards.
It's EU law (required to be transposed into local law).
Not to be confused with payment card schemes' (e.g. MasterCards or Visa's) internal chargeback rules (that indeed differentiate between credit and debit cards).
Which apps are, then?
I mean, that's just what you claimed earlier:
These lotteries (provide though such apps) are subject to the Glücksspielstaatsvertrag.
They even state that you have to be within Germany to play.
There's a reason why the downloads may be available from other EU storefronts.
It's because Apple is prevented from geoblocking in the EU:
Commission and national authorities call on Apple to stop geo-blocking practices on Apple Media Services
Today, the Consumer Protection Cooperation (CPC) Network of national consumer authorities and the European Commission notified Apple of several potentially prohibited geo-blocking practices that the CPC Network has identified on certain Apple Media Services.
I'm not.
I'm just disputing your assertions that "EU countries have laws that require a valid payment method on file from Apple before buying free apps." and that "EU countries require Apple to have valid billing info on hand EVEN if the app is free."
👉 It's just not true. It hasn't been true.
There's nothing disingenuous about that.
Last edited:
It isn’t PSD2 that offers protection from losing money in the cases we are talking about, what is protecting consumers from credit card fraud is the local implementations of the consumer credit directive (CCD1 and soon CCD2). The regulations regarding debit cards are much weaker than that.
I know plenty of people from the fraud side at banks and there are loads of consumers that get left holding the bag from card fraud for various reasons, one common reason is that it was a debit card.
Yes, it is.
We were talking about...
...stealing card information.
That's why the PSD2 requires strong customer authentication with a second factor.
So that stolen card information does not permit a (new) payment transaction.
No, it's not.
"EU rules on consumer credit are designed to strengthen your consumer rights and to help you make an informed choice if you sign up to a credit agreement."
Consumer Credit
EU rules on consumer credits to strengthen consumer rights when concluding a credit agreement.
That applies when signing up for a credit agreement or credit card (with the bank).
Not when you, subsequently use that payment card to make purchases.
You can read the CCD2 online. There's nothing in there regarding protection against fraudulent card transactions.
As opposed to the PSD2 that does strengthen authentication requirements for card payments.
👉 Somewhat simplifying: CCD protections against creditors (banks, loan companies) taking advantage of consumers with unfair terms. PSD2 protects against credit card fraud as in "card number having been compromised/copied).
I explained: "you're being deliberately disingenuous with your arguments "
We were discussing germany locked apps. He showed an example of an app that you can download outside of Germany and somehow he can download it onto his phone without a germany billing setup. I'm in quite literally the opposite of losing position. 🤣
Odd how you moved on to this discussion as opposed to the other conversation we were having that I already responded to. Have a good one.
...were it not for the fact that you claimed the exact opposite:
Namely that Apple required valid billing info (payment method) to comply with local laws to geo-restrict access:
Either way,
- Apple does not require valid billing info (payment method) to download free apps (contrary to your earlier claim).
- European countries' laws do not require it either (as you claimed. Twice).
- The Glücksspielsstaatsvertrag law you named as an example of such a regulation, I disproved (because I could download apps that provide lotteries subject to it - without having payment method registered with Apple).
Last edited:
Yes, it is.
We were talking about...
...stealing card information.
That's why the PSD2 requires strong customer authentication with a second factor.
So that stolen card information does not permit a (new) payment transaction.
No, it's not.
"EU rules on consumer credit are designed to strengthen your consumer rights and to help you make an informed choice if you sign up to a credit agreement."
Consumer Credit
EU rules on consumer credits to strengthen consumer rights when concluding a credit agreement.commission.europa.eu
That applies when signing up for a credit agreement or credit card (with the bank).
Not when you, subsequently use that payment card to make purchases.
You can read the CCD2 online.
There's nothing in there regarding protection against fraudulent card transactions.
Yeah, I see what you mean with PSD2 now. Due to the requirement of two factor authentication people would be protected in cases where the transaction was not done in a secure and proper manner, yeah that is correct.
I read up a bit more and apparently the CCD1 leaves more room for what to put into local law, I live in an area where the implementation of CCD1 was more full where consumers will have the same rights against the creditor/card issuer as the seller. So even in cases where the transaction itself was done in a correct way the consumer has a very strong legal protection when using a credit card (on top of the bank/card issuers own rules).
I didn’t realise that the CCD1 implementation was that different across member states, I assumed it was universal and that was wrong.
why do they do that?
because they can cut their staffing levels.
the shop becomes a pickup zone.
staff interaction is ID checking only.
no assistance. no advice. less product training required. junior staff only needed.
how long before zero staff interaction required?
a code for a locker and your items inside.
McDonalds in Australia makes customers feel like they shouldnt be in the store.
Touchscreen or online ordering.
Pickup at counter.
Almost like dont sit here and eat and we wont have to clean up either.
Having a number flash onscreen or yelled being the only "human interaction".
Falling sales might be reflecting this management direction...
Our local bank branches seem to close more each week.
But if you have a problem, noone in the branch can fix it. You can sit there and ring Customer Support.
The one teller replacement person directs you to an ATM for whatever you want to do.
Get rid of cash... just use the app...