Apple unveiled data on Tuesday morning showcasing its anti-fraud measures within the iOS App Store, revealing it prevented over $7 billion in “potentially fraudulent transactions” from 2020 to 2023.
According to Apple, the company thwarted more than $1.8 billion in fraudulent transactions in 2023 alone, a slight decrease from the $2 billion reported in 2022. Additionally, Apple stated it blocked over 14 million stolen credit cards and disabled more than 3.3 million accounts from conducting further transactions during this four-year period.
Corporate self-reported metrics often aim to shape narratives, and Apple’s figures bolster its longstanding claim of leading the industry in security, reliability, and user experience, as highlighted in its blog post.
However, alternative perspectives exist. For example, Apple settled a developer lawsuit in fall 2022 over allegations of unfair app rejections, scams, and fraud, providing a counter-narrative to Apple’s claims.
The timing of this announcement is notable, coinciding with the kick-off of Google’s developer conference, I/O. Recently, Google has been piloting a new automated anti-fraud measure for its Google Play store, indicating increasing competition in mobile security enhancements powered by AI.
Apple also faces regulatory pressures concerning its ecosystem integrity. As of February, the company is mandated by the European Union’s Digital Markets Act (DMA) to allow third-party app stores and app sideloading, as well as enabling developers to use third-party payment technologies. Apple contends that the DMA’s enforced openness compromises iOS ecosystem security.
The “fourth annual fraud prevention analysis” published by Apple offers a retrospective assessment of its App Store’s efficacy in combating scams and other fraudulent activities, prior to the influence of EU regulatory changes. It also serves as a strategic message to developers, particularly in the EU, who now have broader options for app distribution beyond the Apple App Store.
App Store integrity in the frame
In its 2023 metrics report, Apple disclosed that over 1.7 million app submissions were rejected for not meeting its rigorous privacy, security, and content standards. The company also highlighted its anti-fraud measures, which resulted in the termination of approximately 374 million developer and customer accounts and the removal of nearly 152 million ratings and reviews due to fraud-related concerns.
Moreover, Apple reported that it closed nearly 118,000 developer accounts in 2023, a significant drop from the 428,000 terminations in 2022. Apple attributes this reduction to “continued improvements” in its preventive measures against the creation of potentially fraudulent accounts, though it did not detail the specific changes implemented.
In additional measures taken last year, Apple denied over 91,000 developer enrollments due to “fraud concerns,” effectively preventing these accounts from submitting “problematic apps” to the App Store.
Apple’s App Review team, which comprises over 500 personnel, is responsible for evaluating each app submission. According to the company, the team reviews roughly 132,500 apps per week and in 2023, scrutinized nearly 6.9 million app submissions, assisting more than 192,000 developers in publishing their first app on the App Store.
The App Review process at Apple integrates both automated systems and human oversight to detect and block fraudulent activities and other harmful content. Throughout 2023, over 1.7 million app submissions were declined for reasons including privacy violations and fraudulent behavior.
Apple noted that bad actors often use deceptive methods to present risky apps as benign. Over the past year, numerous instances were identified where apps, initially disguised as legitimate photo editors or puzzle games, were later revealed to be illicit streaming platforms, illegal gambling apps, or fraudulent loan providers.
In extreme cases, the App Review team also detected and removed financial service apps engaged in elaborate social engineering schemes designed to defraud users. These included apps impersonating reputable services for phishing campaigns and those offering fraudulent financial and investment services. Apple reported that it removed or rejected 40,000 apps from developers involved in bait-and-switch tactics during the year.
