opens in new window
UPDATE 15 May 2024

App Store stopped over US$7 billion in potentially fraudulent transactions in four years

Since launching the App Store in 2008, Apple has continued to invest in and develop industry-leading technologies designed to provide users with the safest and most secure experience for downloading apps, and a vibrant and innovative platform for developers to distribute their software. Today, the App Store stands at the forefront of app distribution, setting the standard for security, reliability and user experience.
As digital threats have evolved in scope and complexity over the years, Apple has expanded its antifraud initiatives to address these challenges and help protect its users. Every day, teams across Apple monitor and investigate fraudulent activity on the App Store, and utilise sophisticated tools and technologies to weed out bad actors and help strengthen the App Store ecosystem.
From 2020 through 2023, Apple prevented a combined total of over US$7 billion in potentially fraudulent transactions, including more than US$1.8 billion in 2023 alone. In the same period, Apple blocked over 14 million stolen credit cards and more than 3.3 million accounts from transacting again.
As published in its fourth annual fraud prevention analysis released today, Apple found that in 2023, it rejected more than 1.7 million app submissions for failing to meet the App Store’s stringent standards for privacy, security and content. In addition, Apple’s persistent efforts to stop and reduce fraud on the App Store resulted in the termination of nearly 374 million developer and customer accounts, and removal of close to 152 million ratings and reviews over fraud concerns.

Account Fraud

Apple has developed robust systems to root out fraudulent customer and developer accounts quickly and effectively to prevent such actors from defrauding users. In 2023, Apple terminated close to 118,000 developer accounts, a decrease from 428,000 terminations from the prior year, thanks to continued improvements to prevent the creation of potentially fraudulent accounts in the first place. In addition, more than 91,000 developer enrolments were rejected for fraud concerns and prevented from submitting problematic apps to the App Store.
Harmful activity can also occur at the customer account level, and Apple takes a number of measures to protect users and developers from ill-intended parties. These accounts tend to be bots that are created for the purposes of spamming or manipulating ratings and reviews, charts and search results, which threaten the integrity of the App Store and its users and developers. In 2023, Apple blocked over 153 million fraudulent customer account creations and deactivated nearly 374 million accounts for fraud and abuse.
An infographic titled “Protecting App Store Users: Account Fraud in 2023” contains the following stats: 1) Nearly 118,000 developer accounts terminated for potentially fraudulent activity; 2) over 91,000 fraudulent developer account creations blocked; 3) nearly 374 million fraudulent customer accounts deactivated.
Apple’s commitment to trust and safety extends beyond the App Store, having detected and blocked more than 47,000 illegitimate apps on pirate storefronts from reaching users over the last 12 months. Blocking apps from pirate storefronts is also beneficial to developers, whose apps could be modified or used to disguise malicious software for distribution on these platforms.
Additionally, in the last month, Apple stopped nearly 3.8 million attempts to install or launch apps distributed illicitly through the Developer Enterprise Program, which allows large organisations to deploy internal apps for use by employees.

App Review

Apple’s App Review team of over 500 experts evaluates every single app submission — from developers around the world — before any app ever reaches users. On average, the team reviews approximately 132,500 apps a week, and in 2023, reviewed nearly 6.9 million app submissions while helping more than 192,000 developers publish their first app onto the App Store.
App Review conducts a number of checks before any app makes its way onto the store, and leverages automated processes and human review to detect and take action on apps with the potential to harm or defraud users. In 2023, more than 1.7 million app submissions were rejected for various reasons, including privacy violations and fraudulent activity.
An infographic titled “Protecting App Store Users: App Review in 2023” contains the following stats: 1) Over 1.7 million app submissions rejected; 2) over 248,000 app submissions rejected for spam, copycats or misleading users; 3) over 38,000 app submissions rejected for containing hidden or undocumented features; 4) over 375,000 app submissions rejected for privacy violations.
Bad actors employ deceptive tactics to harm users, including the practice of disguising potentially risky apps as innocuous ones. Over the past year, there have been numerous instances where App Review identified apps initially misrepresented as harmless products — such as photo editors or puzzle games — that later transformed post-review into pirate movie streaming platforms, illegal gambling apps, or fraudulent and predatory loan issuers.
In some extreme instances, the team also identified and removed financial service apps involved in complex and malicious social engineering efforts designed to defraud users, including apps impersonating known services to facilitate phishing campaigns and that provided fraudulent financial and investment services. Through its ongoing work to review every app submission and investigate problematic apps on the App Store, App Review, in 2023, removed or rejected 40,000 apps from developers who engaged in bait-and-switch activity.
Malicious actors can also design apps with the intention to trick and scam users. In 2023, more than 248,000 app submissions were rejected from the App Store because they violated Apple’s policies against spam, blatantly copying other apps or otherwise misleading users. This is in addition to over 38,000 app submissions that were rejected for containing hidden or undocumented features. Apps that are designed to access users’ private, personal data without their permission or knowledge are also prohibited from the App Store. Last year alone, over 375,000 app submissions were rejected for privacy violations.
App Review is diligent in investigating and taking action against apps reported as fraudulent or malicious through Apple’s Report a Problem tool. Fraudulent apps are immediately removed from the App Store, and the developer faces the risk of termination from the Apple Developer Program, which would also result in any unapproved apps under their account being blocked from the store. In 2023, App Review took action to prevent nearly 98,000 potentially fraudulent apps from reaching users on the App Store.

Ratings and Reviews

Ratings and reviews are an essential resource for users looking for their next app and a valuable tool for developers to receive meaningful user feedback about their products. In 2023, with over 1.1 billion ratings and reviews processed, Apple removed nearly 152 million fraudulent ratings and reviews from the App Store.
An infographic titled “Protecting App Store Users: Ratings and Reviews in 2023” contains the following stats: 1) Over 1.1 billion ratings and reviews processed; 2) nearly 152 million fraudulent ratings and reviews removed.

Payment and Credit Card Fraud

From household goods to entertainment services, apps have become a mainstream way for users to make purchases. Apple is diligent in its efforts to protect users’ financial information through its secure payment technologies like Apple Pay and StoreKit, which nearly 1 million apps use to sell goods and services on the App Store. And as fraud losses globally reach new highs, Apple helped prevent more than US$1.8 billion in potentially fraudulent transactions on its platform in 2023.
Apple takes credit card fraud extremely seriously and remains committed to protecting the App Store and its users. For example, when consumers make a purchase with Apple Pay, it uses a device-specific number and unique transaction code so a card number is never stored on a consumer’s device or on Apple servers. Additionally, credit and debit card numbers are never shared with developers, thus eliminating another risk factor in the payment transaction process.
An infographic titled “Protecting App Store Users: Payment and Credit Card Fraud in 2023” contains the following stats: 1) Over US$1.8 billion in potentially fraudulent transactions prevented; 2) over 3.5 million stolen credit cards prevented from being used; 3) Over 1.1 million accounts banned from transacting again.
When consumers use Apple Pay to make a purchase online or in-app, cards with certain enhanced fraud prevention will enable a consumer’s device to evaluate information — such as their Apple ID, device, and location if they have Location Services for Wallet turned on — in order to develop on-device fraud prevention assessments.
Apple also leverages a combination of advanced technology and human review to detect when a stolen credit card is being used for illicit purposes. In 2023 alone, Apple prevented more than 3.5 million stolen credit cards from being used to make fraudulent purchases and banned over 1.1 million accounts from transacting again.

Keeping the App Store Safe

Apple has dedicated an advanced suite of tools and resources to ensure the App Store is a safe and trusted place for users and developers. By thwarting the fraudulent efforts of bad actors, Apple ensures users can install software onto their personal devices knowing there are a number of safeguards in place to protect them, and developers have a reliable store with a strong reputation to distribute their apps and games.
Apple will continue to invest in its long-standing commitment to protect the quality and security of the App Store in the best interests of all users and developers.
Share article

Media

  • Text of this article

  • Images in this article

Press Contacts

Elizabeth Cave

Apple

lcave@apple.com

Alex Waldron

Apple

awaldron@apple.com