Mechanism of sign-up to premium SMS via iOS ads

Discussion in 'iOS Programming' started by ohbrilliance, Nov 12, 2013.

  1. ohbrilliance macrumors 6502a

    ohbrilliance

    Joined:
    May 15, 2007
    Location:
    Melbourne, Australia
    #1
    We were recently subscribed to expensive weekly premium SMS messages via a double click-through of an ad in a 'free' iOS game. My four year-old was using the phone, so I never actually saw it happen. Apparently with a double click required, this is allowed in Australia. Their business model seems to be geared around kids clicking around 'free' apps.

    A couple of questions regarding this:

    Is this mechanism of charging from within apps even allowed for apps in the App store? I'm hoping not. And if not, will try to find the offending app and report it to Apple.

    How would this mechanism even work, in particular how would the recipient of the ad click get our mobile number without it being explicitly entered?

    (yes, we have parental control switched on for the purchase of apps and in-app purchases. We weren't expecting this 'gotcha')
     
  2. 1458279 Suspended

    1458279

    Joined:
    May 1, 2010
    Location:
    California
    #2
    I think Apple has certain standards. The standards are different for apps that are targeted to kids. However, I don't know if you can stop a kid from running an app that they aren't supposed to run.

    I would start with finding what app did this and then take it to Apple.

    The rules for IAP or buying from an ad that show up in an app is different. Ads are served from different companies, the developer selects that ad server, but I don't think they have any control over the actual ads that show up.

    As I understand it, it's an open system, you can run 10 ads one right after the other, or you can run 1 ad per hour, you can go with a low end advertiser or a high end one.

    IMO, the market has gone down quickly, the mid-grade apps are hunting for money and the app store is flooded with over 1 million apps. It's harder to make money now compared to before and it doesn't look like things will change any time soon.

    Much like the Web itself, you get spam/malware/agressive ads from some sites and passive, 1st rate ads from others.

    Complain to Apple.

    Getting info from the phone (phone number, contact list, etc...) is supposed to be ONLY when the user has been notified.

    Android is different, Apple took the more secure 'high road,' Android is more of a 'low road' gutter type system.
     
  3. MattInOz macrumors 68030

    MattInOz

    Joined:
    Jan 19, 2006
    Location:
    Sydney
    #3
    The only thing that comes to mind is a framework in iOS (MFMessageComposeViewController) that lets the app compose an SMS message then present that to the user. The user still has to hit send which would explain the two taps as well. They could just send themselves a subscribe message with this system, and get your number in the process.

    So yes complain to Apple even if your not sure which app, include the number sending the messages.

    Also call your phone provider and complain (or lodge complaint on their website) with the sms number sending the spam.
    Also good to lodge complaint with Telecommunication Industry Ombudsmen.
    www.tio.com.au

    One of these should have the power to terminate the SMS service if it's only being used as a scam line.
     
  4. ohbrilliance thread starter macrumors 6502a

    ohbrilliance

    Joined:
    May 15, 2007
    Location:
    Melbourne, Australia
    #4
    Thanks for your replies. I came across the MFMessageComposeViewController code and reckon that's likely the mechanism.

    Telstra has now blocked premium services on our iPhones and the company sending out the messages is sending a $15 cheque. It looks like their business model is to catch as many people out as they can and not argue disputes lest they risk reporting to the ombudsmen.

    FWIW, the service is called AppyClub and the company sending MIA (www.mia.com.au).

    One thing is that they claimed it wasn't possible to determine the app that registered us, as the request came via an ad. Since it's likely that the mechanism needed a hook such as MFMessageComposeViewController, wouldn't it be more than likely that the app itself did the work rather than a clickable ad?
     
  5. dejo Moderator

    dejo

    Staff Member

    Joined:
    Sep 2, 2004
    Location:
    The Centennial State
    #5
    An ad could be considered a mini-app that runs within the main app. Therefore, just as likely it was the ad that was the culprit.
     

Share This Page