UPDATE
May 17, 2023
App Store stopped more than $2 billion in fraudulent transactions in 2022
The App Store launched in 2008 with the mission of accomplishing two important objectives: to establish a reliable and secure platform for users to safely discover and download apps, and to provide developers with an exciting opportunity to showcase their ideas and grow their business.
Over the years, Apple has introduced various measures to support an ecosystem that benefits both users and developers. As a result, the App Store has become a vibrant and innovative platform that attracts over 650 million average weekly visitors worldwide, while providing more than 36 million registered Apple developers with a global distribution platform that supports more than 195 local payment methods and 44 currencies.
Today, Apple announced that in 2022, the App Store prevented over $2 billion in potentially fraudulent transactions, and rejected nearly 1.7 million app submissions for failing to meet the App Store’s high standards for privacy, security, and content.
Account Fraud
Apple rooted out 428,000 developer accounts and 282 million customer accounts for fraud and abuse last year.
Over the years, Apple has improved its systems to continuously monitor and detect account fraud quickly. In 2021, Apple terminated over 802,000 developer accounts for potentially fraudulent activity. In 2022, that number declined to 428,000 thanks in part to new methods and protocols that allow the App Store to prevent the creation of potentially fraudulent accounts. Additionally, nearly 105,000 Apple Developer Programme enrolments were rejected for suspected fraudulent activities, preventing these bad actors from submitting apps to the App Store.
In 2022, Apple protected users from nearly 57,000 untrustworthy apps from illegitimate storefronts, which do not have the same built-in privacy and security protections as the App Store. These unauthorised marketplaces distribute harmful software that can imitate popular apps or alter them without the consent of their developers.
In the last 30 days alone, Apple blocked close to 3.9 million attempts to install or launch apps distributed illicitly through the Developer Enterprise Programme, which allows large organizations to deploy internal apps for use by employees.
Apple also takes action against fraudulent customer accounts, and in 2022, disabled over 282 million customer accounts associated with fraudulent and abusive activity. And 198 million attempted fraudulent new accounts were blocked before they could even be created.
App Review
The App Store’s front line of defense protected users from hundreds of thousands of unsafe apps in 2022.
Apple performs a number of safety checks on every app before it makes its way onto the App Store. During the development stage, Xcode systematically inspects apps to certify they are using authorised technologies and to make sure the app meets minimum requirements for the App Store. After a developer uploads their app to App Store Connect, additional checks are run to verify it does not reference private APIs and is free of known malware. Once in review, each submission is carefully looked at by a member of the App Review team to ensure it meets Apple’s standards of quality and safety.
App Review has evolved its processes over time, and expanded its operations around the world to support developers and help get their apps onto the App Store quickly. On average, the team reviews over 100,000 app submissions a week, with nearly 90 percent of them receiving a review within 24 hours. Having reviewed more than 6.1 million app submissions in 2022, App Review helped more than 185,000 developers publish their very first app on the App Store, and made over 20,000 phone calls to developers to help them diagnose and resolve issues that led to an app submission rejection.
In 2022, nearly 1.7 million app submissions were rejected from the App Store for various reasons, including concerns related to fraud and privacy. In more than one case this year, App Review caught apps using malicious code with the potential to steal users’ credentials from third-party services. In other instances, the App Review team identified several apps that disguised themselves as innocuous financial management platforms but had the capability to morph into another app. Nearly 24,000 apps were blocked or removed from the App Store for bait-and-switch violations such as these in 2022.
There are other reasons an app can be rejected for fraud. For example, over 153,000 app submissions rejected from the App Store last year were found to be spam, copycats, or misleading, and nearly 29,000 submissions were rejected for containing hidden or undocumented features. Sometimes apps try to obtain users’ personal data without their knowledge or consent. In 2022, upward of 400,000 app submissions were rejected for privacy violations.
App Review also investigates apps reported through Apple’s Report a Problem tool and takes immediate action to remove apps that have been confirmed as fraudulent or malicious. Unapproved apps under a developer account that has been terminated for fraud and abuse are automatically removed and prevented from being submitted onto the App Store. In 2022, App Review took action to prevent nearly 84,000 potentially fraudulent apps from reaching users on the App Store.
Ratings and Reviews
Apple detected and blocked more than 147 million fraudulent ratings and reviews from the App Store last year.
Ratings and reviews are an important feature of the App Store. Users rely on them to help decide which app to download, and developers use them as vital feedback for improving their apps. Inauthentic ratings and reviews from fraudulent or bot accounts can mislead users into downloading an untrustworthy app that attempts to game the system through misrepresentation. In 2022, with over 1 billion ratings and reviews processed, Apple blocked and removed more than 147 million ratings and reviews for failing to meet moderation standards.
Payment and Credit Card Fraud
Apple blocked a record $2 billion in fraudulent transactions in 2022, banning 714,000 fraudulent accounts from transacting again.
As the digital economy evolves, more and more people are turning to online payments to purchase goods and services. Apple has made tremendous investments in creating secure payment technologies like Apple Pay and StoreKit to protect people’s financial information. These technologies are used by nearly 943,000 apps to sell goods and services on the App Store.
Apple takes credit card fraud extremely seriously, and remains committed to protecting the App Store and its users from this kind of stress. For example, with Apple Pay, credit card numbers are never shared with merchants, thus eliminating a risk factor in the payment transaction process.
Last year, Apple blocked nearly 3.9 million stolen credit cards from being used to make fraudulent purchases, and banned 714,000 accounts from transacting again. In total, Apple blocked $2.09 billion in fraudulent transactions on the App Store in 2022.
Apple’s work to keep the App Store a safe and trusted place for users and developers is never done. As bad actors evolve their dishonest tactics and methods of deception, Apple supplements its antifraud initiatives with feedback gleaned from a myriad of channels — from news stories to social media to AppleCare calls — and will continue to develop new approaches and tools designed to prevent fraud from harming App Store users and developers.
Share article
Media
-
Text of this article
-
Images in this article