Apple also claims to have foiled US$1.5 billion worth of potentially fraudulent transactions.
Apple says that it thwarted more than US$1.5 billion in potentially fraudulent transactions and prevented almost a million vulnerable and otherwise risky apps from making their way into the App Store in 2020, according to a new report highlighting the company’s efforts to protect Apple users from fraud.
“An app might be unfinished or not functioning properly when it’s submitted for approval, or it might not yet have a sufficient mechanism for moderating user-generated content. In 2020, nearly 1 million problematic new apps, and an additional nearly 1 million app updates, were rejected or removed for a range of reasons like those,” said the Cupertino-based tech titan.
However, some of these apps were turned back at the door for more flagrant violations of the store’s rules. More than 48,000 were removed for containing hidden features, while over 150,000 were barred for being spam or copycat apps or for even trying to manipulate users into making dodgy purchases.
Apple is widely known for its rather tough stance on privacy and its stringent rules for data handling. It is probably no surprise then that more than 215,000 apps were rejected for various privacy violations, including for requesting far more user permissions and data than warranted by their features.
As ESET researcher Lukas Stefanko has shown, however, scam apps do sometimes stay under the radar; for example, they may masquerade as fitness-tracking tools and misuse Apple’s Touch ID feature to steal money from iOS users. Mac App Store isn’t exempt from these transgressions; three years ago, Apple booted the store’s fourth most popular paid app for mishandling user data.
Apple also monitors developer accounts, which are sometimes created for malicious purposes. Developers who repeatedly or egregiously violate rules are expelled from the Apple Developer Program and have their accounts deleted. In 2020, Apple deleted 470,000 developer accounts and went on to reject another 205,000 enrollments due to fraud concerns. READ NEXT: Almost 2 billion malware installs thwarted by Google Play Protect in 2019
Account fraud, however, isn’t just limited to developers. In the past year, the company identified and deactivated more than 244 million customer accounts that engaged in either fraudulent or abusive activity and prevented 424 million account creations because they showed signs of similar activities.
Apple also highlighted its efforts in protecting payment data, especially in light of online data breaches that aren’t all that of a rare occurrence. Once threat actors acquire credit card information from various breaches, they often resort to laundering the money through marketplaces such as the App Store – something the company is keenly aware of.
“In 2020 alone, the fusion of sophisticated technology and human review prevented more than 3 million stolen cards from being used to purchase stolen goods and services, and banned nearly 1 million accounts from transacting again. In total, Apple protected users from more than $1.5 billion in potentially fraudulent transactions in 2020,” Apple concluded.
To avoid falling victim to apps that sometimes slip through the cracks, read up on our tips on how to protect yourself against scam apps. One of the first things to consider is what kinds of permissions your apps really need.
written by Amer Owaida, ESET We Live Security