In a press release which Apple just issued, the company addressed the suspicious app purchase patterns news that we broke on Sunday by saying “The developer Thuat Nguyen and his apps were removed from the App Store for violating the developer Program License Agreement, including fraudulent purchase patterns.”
This is at least a good start. However, in what has become an alarmingly short-sighted pattern, Apple has refused to acknowledge the elephant in the room: widespread abuse of App Store billing.
The remainder of Apple’s statement, which suggests that users cancel credit cards used for fraudulent purchases and change passwords for security (both appropriate ideas), fails to address this issue. Apple did do the right thing by removing Thuat Nguyen’s app farm, but they should (and need to) go one step farther.
As we showed, Nguyen’s operation was just the tip of the iceberg in the app farm game. We received many tips from our readers alleging similarly dubious outfits like CHARISMAIST (iTunes store link), Storm 8 and other similar companies continue to scam their users out of hundreds of dollars.
Whether this is a fundamental problem with the architecture of the App Store, a problem of misunderstandings among users (which seems less and less likely with every report of fraud we’ve received), a security issue or anything else, it’s time for Apple to properly address the problem.
While Apple neatly glossed over the scariest parts of the Thuat Nguyen story in their press release, it’s incredibly important for consumers to remain informed about the facts of the issue. Accounts were compromised. Users were charged fraudulently, and enough users were scammed (just read the comments) to the point where these rogue developers overran the App Store’s leaderboards in more than one category..
While Apple steadfastly claims that “Developers do not receive any iTunes confidential customer data when an app is downloaded,” clearly these rogue developers were able to access users’ credit cards in some way. If not, how could people be charged for hundreds of dollars of apps purchases.
The truth is that Apple simply may not completely understand how their system was compromised. This would be a scary development, without a doubt. While there are likely hundreds of software engineers in Cupertino frantically cranking away at a solution, the bullheaded denials of any widespread issue have an odd air of Baghdad Bob to them.
In short, it’s time for Apple to own up to their mistakes. Despite building a reputation as the company whose products just work, they’ve seen multiple PR nightmares blow up in their face over the last few weeks.
While they may believe that keeping mum will help them dodge any permanent blows to their reputation, a simple mea culpa that addresses the issue in a straightforward manner and doesn’t beat around the bush would go a long way towards mending these problems.
It also wouldn’t hurt to take down other offenders’ apps, either.