Apple claims that millions of fraudulent attempts are made against the App Store and its users every year. The company prevented €1.500 billion in fraudulent transactions in 2021, it said, matching similar levels of fraud in 2020.
How people try to commit fraud on the app store
The company explains how scammers try to commit fraud through the store.
These attempts range from relatively simple attempts to make purchases with stolen or fraudulent credit cards to more complex scams involving apps that function normally but stealthily collect data or transmit malware to trick or defraud users.
Attempts to smuggle malware into apps to perform device fraud are on the rise in 2022. It should be noted that there has been a more than 40% increase in Android malware attempts to perform device fraud so far this year, which shows that Apple's concern is justified.
Apple has rejected tens of thousands of apps, including apps with hidden code and deceptive, copycat, and privacy-abusing apps. Millions of attempts to create fraudulent customer or developer accounts are made each year, the company said, while 3,3 million stolen credit cards were used.
The scope of review fraud
Also mentioned is review fraud, in which competitors post illegitimate ratings and reviews to suppress sales of competitor apps or encourage users to download untrustworthy apps.
Apple says more than 2021 billion ratings and reviews were made in 94, and Apple had to detect and block more than 170 million reviews and 610,000 million ratings for "failing to meet moderation standards." Apple also removed XNUMX post-post reviews following complaints and post ratings.
This data suggests that the scale of review fraud is relatively high, suggesting that a very high percentage of the billion ratings and reviews conducted each year are flawed.
App Store developers have complained about this practice for years, and data released by Apple corroborates the concern. That said, it also suggests that the risks of review fraud would be much, much higher if the App Store wasn't moderated.
Apple wants to protect its App Store business
We know that part of the reason the company is sharing this information is to justify the fees it charges certain developers to sell apps through its store. Apple continues to collect data to support how it runs the App Store business, and fraud detection at the level Apple explains doesn't come cheap. While other app stores may charge lower fees, do they offer the same security or user experience? What if Apple can't?
Apple really wants regulators to reconsider plans to force app downloads and other ill-considered proposals that would serve to water down the security of its platforms. In this context, the company is likely looking for data showing the extent to which its products are used today in highly sensitive and strategically essential industries.
What good are endpoint and network protection systems when the platforms themselves become inherently insecure? How can a company maintain trust in its increasingly digital processes if its devices have government-mandated backdoors?
These important questions must be rigorously answered before any decision is made.
The fact that the App Store is experiencing fraudulent activity at the level he described should give regulators pause before imposing rash solutions, especially as criminals get more and more creative in apps, app services and the growing potential for identity fraud.
Older devices are most at risk
Scammers are also targeting older mobile devices, according to a study by NICE Actimize. This study found that bank fraud attempts increased by 41% in 2021, and devices running operating systems manufactured before 2016 are three times more likely to be victims of fraud.
About 4% of the 2500 billion currently active Android devices are running risky iterations of the operating system, compared to just 2% of iPhone users running an operating system more than two years old. (The number of iPhones running 2016 versions of iOS is incredibly small.)
However, any move to water down the security iOS enjoys could leave many more of us vulnerable, and the introduction of a disorganized app store would do just that.
More news at WWDC?
Apple's decision to release information about its work to combat fraud on the App Store just days before its annual developer event sends a message that the company will continue to work toward its privacy and security goals in its mobile ecosystem. . More recently, the company announced that it would remove old apps from the App Store that haven't been updated for three years or more.
Given the scale of fraud on the App Store, this seems like a sensible move to help protect users from unintentionally using apps that may still contain exploits or vulnerable code.
Follow me on Twitter or join me at AppleHolic's bar & grill and Apple discussion groups on MeWe.
Copyright © 2022 IDG Communications, Inc.