One aspect of iOS that keeps iPhone users coming back is the security that Apple puts into its App Store. Yet recently many iPhone fans got a shock when a new heart rate application, created with third party software, attempted to scam users out of $89.99 USD, reports iDrop News .
The application took advantage of Apple’s Touch ID sensor by instructing users to place a finger onto the touch ID sensor in order to check their heart rate. What happened when customers did this was a sneak attack charge, as the fingerprint authorized the $89.99 USD transaction while dimming the screen so much that customers could not see what was happening, as the pop-up dialogue box was obscured during the dimming process.
There are multiple heart rate monitoring apps in the Apple App Store; this particular scamming application was titled simply as Heart Rate Measurement. The misleading nature of this app is a clear violation of Apple’s App Store policy. Those who know about Apple’s iOS know that the company has a rigorous reviewing process on the front end of all apps making it into the App Store. This leads many to wonder how this scam got past the security. Apple reviews the charges its apps are going for, but many now worry that security does not extend so far when those amounts change during an in-app purchasing process. Prominent Apple product reviewing site 9to5Mac also adds that this particular app may have flown under the radar as it appears geared toward Portuguese customers.
Now some are bringing up the topic of Apple upping its security process even more so, possibly to include some kind of after-the-fact review process for apps that also encompasses in-app purchase changes, which of course would add another potentially cumbersome layer to the app review process that developers might not like, but would add another layer of safety to Apple’s loyal customer base. Site 9to5Mac also brings up the possibility of some kind of reporting mechanism that users could use to flag Apple whenever they come across an app like this.
The article by 9to5Mac goes on to note that this is hardly the first App Store app to use fingerprint authentication to trick users into spending money. It’s safe to bet it probably won’t be the last either. With Apple moving away from fingerprint and towards facial recognition, this may make such types of scamming more difficult.