June 1, 2022
The App Store stopped nearly $1.5 billion in fraudulent transactions in 2021
Stops over 1.6 million risky and untrusted apps and app updates from scamming users throughout the year
Apple is committed to making the App Store a safe and trusted place for users to discover and download apps. A key pillar of this effort is Apple’s ongoing work to detect and take action against bad actors who seek to defraud developers and users.
Bad actors continue to evolve their online fraud methods, often making their schemes harder to spot. That’s why Apple has continued to refine its processes, create new ones, and design solutions to deal with these threats.
Last year, Apple released groundbreaking fraud prevention analysis, which showed that in 2020 alone, Apple’s combination of sophisticated technology and human expertise protected customers from more than 1 $.5 billion worth of potentially fraudulent transactions, preventing attempted theft of their money, information and time. – and kept nearly a million new problematic apps out of their hands.
Today, Apple is releasing an annual update to that analysis: In 2021, Apple protected customers from nearly $1.5 billion in potentially fraudulent transactions and blocked more than 1.6 million apps and apps. risky and vulnerable app updates from scam users.
Apple’s efforts to prevent and reduce App Store fraud require ongoing monitoring and vigilance by multiple teams. From App Review to Discovery Fraud, Apple’s ongoing commitment to protecting users from fraudulent app activity once again demonstrates why independent and respected security experts have declared the App Store to be the safest place to find and download apps.
The application review process is multi-layered and combines IT automation with manual human review. App Review uses proprietary tools that leverage machine learning, heuristics, and data accumulated since the launch of the App Store, making it possible to quickly extract large volumes of information about potential app issues and breaches. an application.
Human review is the distinctive element of the application review process. The App Review team examines every app and every update to make sure they meet App Store guidelines for privacy, security, and spam. This process serves as a critical line of defense to help protect users from bad actors.
App Review’s goal is always to help get new quality apps to the App Store.
In 2021, App Review helped over 107,000 new developers get their apps to the store. This process can be iterative, as sometimes apps may be unfinished or contain bugs that hinder functionality when first submitted for approval, or they may need to make improvements to its moderation mechanisms for user-generated content. ‘user. In 2021, more than 835,000 new problematic apps and 805,000 additional app updates were rejected or removed due to various reasons like these. As part of the app review process, any developer who believes they have been wrongly reported for fraud can file an appeal with the App Review Board.
A smaller group of these rejections involved egregious violations that could harm users or profoundly diminish their experience. In 2021 alone, the app review team rejected over 34,500 apps for containing hidden or undocumented functionality, and over 157,000 apps were rejected because they turned out to be spam, imitators or misleading to users, such as manipulating them to make a purchase. .
Sometimes nefarious developers try to circumvent App Review by creating an app that appears one way, only to change its concept or functionality once it has been approved. When Apple detects cases of this type of fraud, App Review immediately rejects or removes these apps from the store, and affected developers receive a 14-day notice of appeal process prior to termination. In 2021, over 155,000 apps were removed from the App Store for these types of violations.
App Review plays an important role in Apple’s efforts to protect user privacy, which Apple considers a basic human right. App submissions are reviewed to ensure that user data is handled appropriately. In 2021, the App Review Team rejected more than 343,000 apps for requesting more user data than necessary or for mishandling data they had already collected.
Apple’s Developer Code of Conduct makes it clear that developers who engage in repeated manipulative or deceptive behavior – or other fraudulent conduct – will be removed from the Apple Developer Program. This same code also requires developers to present themselves and their offerings on the App Store accurately and honestly, refrain from engaging in behavior that could manipulate any element of the App Store customer experience, and maintain high quality content, services and experiences for customers. .
If users have concerns about an app, they can report it by clicking the Report a Problem feature on the App Store or by calling Apple Support, and developers can use any of these methods or additional channels such as Feedback Assistant and Apple Developer Support.
Fraudulent ratings and reviews
App Store ratings and reviews serve as a resource for users and developers. Many iOS users have come to depend on this feature to decide whether to download an app or which app option best suits their needs. In turn, these ratings and reviews help to improve visibility on the App Store and provide useful information for developers who take this feedback into account and improve their app features and offerings accordingly.
Illegitimate ratings and reviews pose a serious risk to the App Store, as this type of deception can trick users into downloading – and in many cases purchasing – an untrustworthy app that attempts to trick the system through misrepresentation, rather than providing users with a quality experience. expect from the app store. Trust in this system is of the utmost importance, and Apple’s anti-fraud initiatives help maintain its integrity. A refined system that combines technology and human review by teams of experts allows Apple to moderate ratings and reviews.
With over 1 billion ratings and reviews processed throughout 2021, Apple has consistently detected and blocked over 94 million reviews and over 170 million ratings since publication for non-compliance. of moderation. An additional 610,000 reviews were also removed after publication based on customer feedback and additional human review.
When developer accounts are used for fraudulent purposes in a deceptive or particularly egregious manner, the offending developer’s Apple Developer Program account is terminated. As these individuals or entities deploy elaborate techniques to conceal their actions, Apple is monitoring to ensure that associated accounts are promptly terminated. As a result of these efforts, Apple terminated over 802,000 developer accounts in 2021. An additional 153,000 developer registrations were rejected due to fraud concerns, preventing these bad actors from submitting an app to the store.
In an effort to protect users who download apps beyond the safe and trusted App Store, over the past 12 months Apple has found and blocked more than 63,500 illegitimate apps on pirate storefronts. These storefronts distribute malware that is often designed to look like popular apps – or that modify popular apps without their developers’ permission – while bypassing App Store security protections.
In the past month alone, Apple has blocked more than 3.3 million instances of illegally distributed apps through its Enterprise Developer Program, designed to allow large organizations to privately develop and distribute their own apps to internal use. Offenders have sought to exploit this program in an effort to undermine App Review or implicate a legitimate business by compromising an insider to disclose credentials needed to ship infringing content.
Apple also takes action against fraudulent customer accounts. In 2021, Apple disabled more than 170 million customer accounts associated with fraudulent and abusive activity. If an account exhibits behaviors similar to those that have already been abused, it is disabled before it can be used. Additionally, more than 118 million account creation attempts were rejected in 2021 because they displayed patterns consistent with fraudulent and abusive activity.
Eradicating account-level fraud helps curb this type of dishonest behavior and presents users with more accurate information about an app’s relative quality and popularity on the App Store.
Payment and credit card fraud
For many people, no data is more sensitive than their financial information. That’s why Apple has invested heavily in creating more secure payment technologies like Apple Pay and StoreKit. These technologies are used by over 905,000 apps to sell goods and services on the App Store. For example, with Apple Pay, credit card numbers are never shared with merchants, eliminating a risk factor in the payment transaction process.
As with all forms of fraud, Apple takes credit card fraud very seriously and is committed to protecting the App Store and its users from such harm. In 2021 alone, through a combination of technology and human review, more than 3.3 million stolen cards were prevented from being used to make potentially fraudulent purchases and banned nearly 600,000 accounts from transact again. In total, Apple protected users from nearly $1.5 billion in potentially fraudulent transactions in 2021.
Apple’s efforts make the App Store a safe and trusted place for users to find and download apps, and for developers to do what they do best: create. To help ensure the trust ecosystem is sustainable for years to come, Apple will continue to work to detect fraudulent activity and accounts and prevent financial crime.
Apple Media Phone Support