Touch ID is supposed to give you more peace of mind and security when using your iPhone, but as a recently banned pair of apps show, scammers can use that longing for security against you. Here’s what you need to know about the latest iPhone app scam to plague users in 2018.
First spotted on Reddit, the trick appeared in a couple of fitness apps – “Calories Tracker app” and “Fitness Balance app” – which have both been pulled by Apple after attempting to steal a $119.99 in-app payment from users.
Both apps used the same method: they would ask you to secure your data by holding your fingerprint over the Touch ID sensor. Once your finger was in place, the app would flash up a payment pop-up which iOS would quickly view as accepted because you were already waving it through with your fingerprint. Very sneaky.
One user claimed to have contacted the app’s creator directly highlighting how dishonest the technique was. “They have an automated response message with ‘I am aware of this issue. I’m working hard to fix it. Please wait for version v1.1, everything will be fixed in that version.’”
Unsurprisingly, such tactics are expressly forbidden in Apple’s developer guidelines. Apps that “prey on users or attempt to rip off customers, trick them into making unwanted purchases, force them to share unnecessary data, raise prices in a tricky manner, charge for features or content that are not delivered, or engage in any other manipulative practices within or outside of the app” are strictly forbidden.
Perhaps worryingly, before it was pulled from the App Store, “Fitness Balance app” had an average score of 4.3. It’s not clear how many of these were fake in order to give the app a running start at grifting unsuspecting users, but users on Reddit noticed a pattern forming amongst the reviews while it was live: “On American App Store, all the reviews (except 1) are 5 stars and from a user whose name consists of a first name, a space, a last name, then a 2 digit number with no space separating the name and number,” noted one. “Smells like fake reviews to me. “
Have you seen any apps trying to pull this trick on unsuspecting users? Let us know on Twitter: @TrustedReviews