June 1, 2022
UPDATE
The App Store stopped nearly $ 1.5 billion in fraudulent transactions in 2021
Prevented over 1.6 million risky and untrustworthy apps and app updates from deceiving users during the year
Apple is dedicated to keeping the App Store a safe and reliable place for people to discover and download apps. A central pillar of this effort is Apple’s ongoing work to detect and intervene against malicious actors seeking to deceive developers and users.
Bad actors continue to develop their methods of online fraud, often making their plans harder to recognize. That’s why Apple has continued to refine its processes, create new ones and develop solutions to deal with these threats.
Last year, Apple released a first analysis of fraud prevention, which showed that by 2020 alone, Apple’s combination of sophisticated technology and human expertise protected customers from more than $ 1.5 billion in potentially fraudulent transactions, preventing attempts to steal their money, information and time. – and kept almost a million problematic new apps out of their hands.
Today, Apple releases an annual update to that analysis: In 2021, Apple protected customers from nearly $ 1.5 billion in potentially fraudulent transactions and stopped over 1.6 million risky and vulnerable apps and app updates from deceiving users.
Apple’s efforts to prevent and reduce fraud in the App Store require continuous monitoring and vigilance across multiple teams. From app review to Discovery Fraud, Apple’s ongoing commitment to protecting users from fraudulent app activity shows once again why independent, respected security experts have said the App Store is the safest place to find and download apps.
App review
The app review process is multi-layered and combines computer automation with manual human review. App Review uses proprietary tools that leverage machine learning, heuristics, and data accumulated since the App Store first launched, helping to quickly extract large amounts of information about an app’s potential issues and violations.
Human review is the hallmark of the app review process. The App Review team reviews each app and each update to ensure that they follow the App Store’s privacy, security and spam guidelines. This process serves as a critical line of defense to help protect users from bad actors.
The goal of App Reviews is always to help get new quality apps in the App Store.
In 2021, App Review helped over 107,000 new developers get their apps into the store. This process can be iterative, as apps can sometimes be unfinished or contain bugs that hamper functionality when first submitted for approval, or they may need to make improvements to its user-generated content moderation mechanisms. In 2021, over 835,000 problematic new apps and a further 805,000 app updates were rejected or removed for a number of reasons such as these. As part of the app review process, any developer who feels they have been mistakenly flagged for fraud may file an appeal with the App Review Board.
A small group of these rejections were for obvious violations that could harm users or profoundly impair their experience. In 2021 alone, the App Review team rejected more than 34,500 apps for containing hidden or undocumented features, and up to 157,000 apps were rejected because they turned out to be spam, copycats, or misleading to users, such as manipulating them to perform a purchase.
Sometimes malicious developers try to bypass App Review by creating an app that appears in one way only to change its concept or functionality once it has been approved. When Apple finds cases of this scam, App Review will reject or remove such apps from the Store immediately, and the affected developers will receive a 14-day notice of the appeal process prior to termination. In 2021, over 155,000 apps were removed from the App Store for this type of violation.
The App Review plays a major role in Apple’s efforts to protect users’ privacy, which Apple believes is a fundamental human right. App submissions are reviewed to ensure that user data is handled correctly. In 2021, the App Review team rejected over 343,000 apps for requesting more user data than necessary or for improper processing of data they had already collected.
Apple’s Code of Conduct for Developers makes it clear that developers who engage in repetitive manipulative or misleading behavior – or any other fraudulent behavior – will be removed from Apple’s developer program. The same code also requires developers to represent themselves and their offers in the App Store accurately and honestly, refrain from engaging in conduct that may manipulate any element of the App Store customer experience, and maintain high-quality content, services, and experiences. quality for customers. .
If users have concerns about an app, they can report it by clicking the Report an Issue feature in the App Store or calling Apple Support, and developers can use one of these methods or additional channels such as Feedback Assistant and Apple Developer Support.
Fraudulent assessments and reviews
App Store ratings and reviews serve as a resource for both users and developers. Many iOS users have become addicted to this feature as a way to help decide if they want to download an app or which app option best suits their needs. In turn, these ratings and reviews help improve visibility in the App Store and provide meaningful intelligence to developers who take this feedback and improve their apps’ features and offerings accordingly.
Illegal reviews and reviews pose a serious risk to the App Store, as this type of fraud can cause users to download – and in many cases buy – an unreliable app that tries to play the system through misrepresentations instead of giving users the quality experience they expect. from the App Store. Trust in this system is of paramount importance, and Apple’s anti-fraud initiatives help maintain its integrity. A sophisticated system that combines technology and human review by expert teams allows Apple to moderate ratings and reviews.
With more than 1 billion ratings and reviews processed throughout 2021, Apple systematically detected and blocked over 94 million reviews and over 170 million reviews from publication for non-compliance with moderation standards. An additional 610,000 reviews were also removed after publication based on submissions of customer issues and additional human evaluation.
Account fraud
When developer accounts are used for fraudulent purposes in a fraudulent or particularly gross manner, the infringing developer’s Apple Developer Program account is closed. While these individuals or devices use complicated techniques to hide their actions, Apple monitors to ensure that related accounts are closed quickly. As a result of these efforts, Apple closed over 802,000 developer accounts in 2021. An additional 153,000 developer sign-ups were rejected due to fraud concerns, which prevented these bad actors from submitting an app to the store.
In an effort to protect users who download apps beyond the secure and trusted App Store, Apple has over the past 12 months found and blocked over 63,500 illegitimate apps on pirated stores. These storefronts distribute malicious software that is often designed to look like popular apps – or that modifies popular apps without the permission of their developers – while bypassing App Store security protections.
Over the past month alone, Apple has blocked more than 3.3 million instances of apps distributed illegally through their Enterprise Developer Program, which is designed to enable large organizations to develop and privately distribute their own apps for internal use. Offenders have tried to exploit this program in an attempt to override app review or involve a legitimate business by compromising an insider for leaking the credentials needed to post illegal content.
Apple also intervenes against fraudulent customer accounts. In 2021, Apple disabled over 170 million customer accounts associated with fraud and abuse. If an account exhibits similar behavior to those who have been involved in past abuse, they will be disabled before they can be used at all. In addition, more than 118 million accounts creation attempts were rejected in 2021 because they showed patterns consistent with fraud and abuse.
Eliminating account-level scams helps curb this kind of dishonest behavior and provide users with more accurate information about the relative quality and popularity of an app in the App Store.
Payment and credit card fraud
For many people, no data is more sensitive than their financial information. That’s why Apple has invested heavily in creating more secure payment technologies such as Apple Pay and StoreKit. These technologies are used by more than 905,000 apps to sell goods and services in the App Store. For example, with Apple Pay, credit card numbers are never shared with merchants – eliminating a risk factor in the payment transaction process.
As with all forms of fraud, Apple takes credit card fraud extremely seriously and is committed to protecting the App Store and its users from this kind of distress. In 2021 alone, as a result of a combination of technology and human review, more than 3.3 million stolen cards were prevented from being used to make potentially fraudulent purchases and banned nearly 600,000 accounts from trading again. In total, Apple protected users against nearly $ 1.5 billion in potentially fraudulent transactions by 2021.
Apple’s efforts keep the App Store a safe and reliable place for users to find and download apps, and for developers to do what they do best: create. To ensure that a reliable ecosystem is maintained in the years to come, Apple will continue its efforts to detect fraudulent activity and accounts and prevent financial crime.
Tap Contacts
Apple Media Helpline
media.help@apple.com
(408) 974-2042