iOS apps used Touch ID feature to trick users into paying hefty fees

by
Dan Goodin
from Ars Technica - All content on (#447R3)
touch-id-scam-app-800x772.png

Enlarge / Images displayed by the Fitness Balance app in Apple's App Store. (credit: Eset)

Apple's App Store has given the boot to two highly rated apps that abused the iOS Touch ID feature in an attempt to swindle users out of sums of more than $100, users on Reddit reported over the weekend.

The offending "Fitness Balance app" and "Calories Tracker app" promised to calculate body mass index, monitor calorie intake, and provide other health-related services. With no advanced warning, according to Reddit posts here and here, the apps charged users fees of $99.99, $119, or 139 Euros, depending on the country of the user. Users who had a credit or debit card connected to their Apple account were immediately billed.

The scam worked by displaying a message as soon as the app was opened. It told users to scan their fingerprint to view a calorie tracker or receive another personal service. When users complied, the apps displayed a popup window that said they had been charged a fee. Less than two seconds later, the popup disappeared, but by then it was too late for many users. Anyone with a card linked to their Apple account was already charged.

Read 3 remaining paragraphs | Comments

index?i=HyM1ioff0JU:ozzaApGlYs0:V_sGLiPB index?i=HyM1ioff0JU:ozzaApGlYs0:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments