You remember Kosta Eleftheriou, right? He tweeted about clones of his app FlickType, and has since found a bunch of App Store scams that he has tweeted about. Here are a couple of recent examples, starting with X-Gate VPN:
Another typo in the title, but this time it’s not even a title – it’s PLACEHOLDER TEXT!
How the heck does this app have a 4-star rating? Or passed review twice??
Anyway, let’s continue to see what this “7 day” trial is all about.
On the next screen the trial is now for 3 days instead of 7, and we can “Incredibly increase speed” for a mere $12/week.
You’re telling me people are signing up for $624/year for *this*? And are giving it 4 stars?
And here’s a game for kids:
This @AppStore app pretends to be a silly platformer game for children 4+, but if I set my VPN to Turkey and relaunch it becomes an online casino that doesn’t even use Apple’s IAP.
Both of these apps were available for hours after Eleftheriou tweeted about them, but have now been removed from the store. On one hand, you could argue that this indicates the need for a centralized and policed app marketplace: since Eleftheriou finds scummy apps like these in Apple’s controlled marketplace, it is possible that many more would be available if not for the controls in place. Apple is also able to disable apps like these when they are found.
But the fact that these apps are found in “a place you can trust” also indicates that Apple’s review process is not as stringent as it needs to be. It is possible that there would be more nefarious apps available for iOS if the App Store were not the sole distribution platform, but Apple’s App Store could still be the best marketplace if there were competitors. It could be safer and more controlled than it already is. It is also true that Apple could disable worrisome apps’ certificates, which are unconnected to the App Store’s monopoly on native app distribution for iOS.
One more thing that I think is critical is that it is, right now, impossible to flag an app as a rule-breaker or a scam. Say you download an app and it is, in some way, worth reported to Apple. Let’s start in the App Store, where there is no button to report an app, not even in the app listing’s share menu. If you go to Apple’s Report a Problem website, you will see all of your purchases and downloads from your Apple ID, and you will be be asked a question, “What can we help you with?” for a dropdown menu containing these options:
Request a refund
Report a quality issue
Find my content
Report suspicious activity
If you pick the last one, you’ll be sent to a screen where you will be told to contact Apple Support if you think your Apple ID has been compromised; it has nothing to do with the items you purchased or downloaded.
The second item on the list, which is my next best guess for a relevant answer, is limited to Apple subscriptions and in-app purchases. It is the answer you choose when, say, a movie you rented has playback problems, or an app subscription is not working properly. It is one option you could use if an app is abusing in-app purchases and you have fallen for the scam but, if you are alert enough to avoid subscribing, this choice won’t help. It is the same story for requesting a refund, and “find my content” is irrelevant.
So you visit Apple’s contact page where, under the “Product and Services Support” section, you are redirected to Apple’s support page. And, long story short, there is nothing in this support site about App Store scams or reporting a problem with a third-party app. If I am wrong about this, please get in touch and tell me — I will update this post. But it appears that, if a scam makes its way into the App Store, Apple is entirely dependent on users posting on social media or contacting Apple through another channel to be alerted to problems.