Apple has published a 2021 roundup report on actions that it took to prevent fraudulent apps and scammers on its App Store last year. The report comes ahead of the company’s Worldwide Developer Conference (WWDC) 2022, where the company is expected to unveil the latest generation of its software – along with other related announcements. As part of the App Store report, Apple said that it blocked over 170 million fraudulent customer accounts and over 3.3 million fraudulent apps on the App Store, thereby saving its customers from frauds amounting to over $1.5 billion.
Apple App Store 2021 Report: Key Highlights
According to Apple, its efforts to protect users through its App Store actions included stopping over 1.6 million problematic apps and app updates on the store. These included over 835,000 ‘problematic’ new apps, and over 805,000 updates – which had issues such as incomplete information disclosure or the presence of bugs and vulnerabilities. Such apps were flagged by Apple’s App Review process, which includes both automated verification and human intervention.
Apple also said that it rejected over 34,500 apps for “containing hidden or undocumented features,” and more than 157,000 apps for being spam, misleading in terms of their purpose, or clones of other popular apps in order to trick users into making purchases.
A further 155,000 apps were also removed from the App Store for being listed with one purpose, only to change their functionality later. Another 343,000 apps were banned from the Store for requesting more data than necessary – or mishandling data that was being collected.
Ratings and developers
Apple also cut down on app ratings and reviews in order to present a more authentic representation of what each app offers. Through 2021, the company said that it removed over 94 million reviews and 170 million ratings, out of approximately 1 billion such user inputs, which the company found to be in violation of its App Store policies.
In terms of controlling developers, Apple blocked 802,000 developers for unclear behaviour through their applications, and another 153,000 for “fraud concerns”. Explaining how various developers attempted to circumvent App Store restrictions through its Enterprise Developer Programme, Apple said that over 3.3 million such apps were blocked through the year.
“The latter is designed to enable large organisations to develop and privately distribute their own apps for internal use. Offenders have sought to exploit this program in an attempt to flout App Review or involve a legitimate enterprise by compromising an insider to leak credentials needed to ship illicit content,” said Apple in a blog post.
Customers and payment methods
The company also added that it removed over 170 million customer accounts that were “associated with fraudulent and abusive activity.” A further 118 million accounts were stopped at the creation process itself because Apple’s fraud detection metrics found them to be similar in intent.
In terms of how these metrics work, Apple says in its post that they include “proprietary tools that leverage machine learning, heuristics, and data accumulated since the App Store first launched, which helps to quickly extract large volumes of information about an app’s potential issues and violations.”
Finally, the company also added that it blocked 3.3 million cards that were listed in stolen card databases from being used on the App Store, and about 600,000 accounts were also blocked for attempting to use such cards. These protections reportedly helped Apple save its users over $1.5 billion in 2021.
How Apple compares to competition
In April this year, Google, the maker of Android, published a similar Play Store security report for 2021. In the report, Google claimed that it banned over 1.2 million apps that violated the Play Store’s policy through 2021. It also banned over 190,000 active developer accounts and 500,000 dormant ones for suspected spam behaviour.
Last month, Google also finally rolled out Data Safety – a new section in Google Play Store that requires developers to disclose the exact permissions that their apps seek from users and how they use them, in a bid to reduce data consumption in apps.
It has also updated its app update policy to state that developers whose apps do not support an Android version released within two years of the latest release would see their apps being restricted in visibility on the Play Store. During the announcement, Google had said that such a move would force developers into making the most of newer Android versions and better security controls on them.