in app purchases – Techdirt (original) (raw)

Content Moderation Case Study: Apple Blocks WordPress Updates In Dispute Over Non-Existent In-app Purchase (2020)

from the ok-landlord dept

Summary: Apple controls what apps get onto iPhone and iPads via its full control over the iOS App Store. Every app (and its updates) need to be reviewed by Apple staff before it?s allowed in the store — and Apple puts in place its own rules for what is and what is not allowed.

One of those rules is that Apple takes a 30% cut of any sales. That fee has become somewhat controversial, especially among service providers who don?t rely on the App Store for discovery, but whose customers likely come on their own — including Spotify and Epic Games. Spotify, in particular, has urged users to subscribe directly, to avoid having to pay the additional amount per month to cover Apple?s fees. In response, Apple forbade Spotify from even mentioning that it?s cheaper to subscribe outside of the App Store, which is now a central piece of an antitrust fight that is ongoing in the EU.

Perhaps because of all of this, Apple has had to make decisions about whether or not to allow apps in the App Store that seek to avoid paying Apple?s cut of the fees. In August of 2020, Matt Mullenweg, the CEO of Automattic, and the founder/lead developer of the WordPress content management system, announced that the iOS app for WordPress had been frozen by Apple. The given reason was that Apple believed that WordPress was trying to avoid the fees for in-app purchases.

This was the cause of much confusion, as many people noted that the app did not actually sell anything. While WordPress.com does offer paid hosting plans (and domain reselling), that was not a part of the WordPress app. However, as Mullenweg?s tweet showed, Apple was noting that because somewhere else in WordPress.com?s business, it sold things, that meant that WordPress had to pay it a 30% cut of those sales (even though they were outside of the app itself) in order to keep the app in the App Store.

Decisions to be made by Apple:

Questions and policy implications to consider:

Resolution: As this story got more attention, Apple apologized and restored the WordPress developer account. However, its statement on the matter implied that WordPress had ?removed? an option in the app to pay for hosting plans:

We believe the issue with the WordPress app has been resolved. Since the developer removed the display of their service payment options from the app, it is now a free stand-alone app and does not have to offer in-app purchases. We have informed the developer and apologize for any confusion that we have caused.

But users of the app say it never had any in-app purchases at all. The only thing it had were descriptions of WordPress.com Premium offerings, but no way to buy them. Mullenweg said that, before going public, he had asked Apple if removing those mentions would restore the account, and Apple had said it would not.

The reinstatement appeared to take Mullenweg by surprise.

In January of 2021, Apple also moved to lower the cut it took for in-app payments from ?small? developers (those making less than $1 million a year in annual sales) to 15%. It was also revealed that Apple quietly cut a special deal with Amazon to charge the retailer a 15% cut for Amazon?s Prime Video app.

Originally published on the Trust & Safety Foundation website.

Filed Under: app store, content moderation, fees, in app purchases, matt mullenweg, wordpress
Companies: apple, automattic

FTC Goes After Amazon For Kids' In App Purchases As Apple Begs FTC To Go After Google As Well

from the all's-fair-in-ftc-wars-apparently dept

As was expected since last week, the FTC has officially announced that it has filed a lawsuit against Amazon for the way it handled in-app purchases, specifically arguing that the company made it way too easy for children to rack up huge bills without realizing it. This comes about seven months after the FTC went after Apple over the same issue, but Apple agreed to settle with the FTC, while still pointing out angrily that it had changed its in-app purchasing process years earlier. Unlike Apple, Amazon has decided that it will fight, rather than settle.

This might not be that crazy. While there may be something to the fact that these companies should be more careful about keeping kids from buying lots of digital crap on their parents’ bills, when you take a step back, it does look like the FTC is deciding it can regulate the user interface decisions of internet companies, and that has some potentially troubling implications — especially with Amazon where its “one click” purchasing has become a part of its brand. That’s not to say the company shouldn’t reconsider how the shopping works on its mobile apps, but it’s not clear that the FTC really should be stepping in here.

Of course, in the meantime, Apple has decided that while it’s not happy about the FTC forcing it to settle, if it’s going to go through that treatment, Google ought to as well. A Politico FOIA request turned up an email from Apple’s general counsel, Bruce Sewell, to two FTC commissioners, basically saying “hey, Google is doing the same thing we’re doing…” by pointing to a Consumer Reports article that highlighted that Google’s in-app purchases allow your “kid to spend like a drunken sailor” for a period of 30 minutes (longer than the 15 minutes that got Apple in trouble). It was a rather obvious effort to create FTC problems for competitors, though it’s understandable that a company on the firing line is tempted to point out others doing the same thing.

This does seem like an area where the companies should be improving, based on consumer complaints alone (and there are many…), but it does raise questions about whether or not the FTC’s mandate really should go so far as to basic UI choices for certain companies.

Filed Under: ftc, in app purchases, kids, ui choices
Companies: amazon, apple, google

UK Advertising Regulator Nixes EA's Dungeon Keeper Advertisement Due To Microtransactions

from the freedom-isn't-free dept

Electronic Arts, fresh from being upset in the most recent “Worst Company” contest, isn’t taking the defeat lying down. In fact, they’re in full rebuilding mode, acquiring as much news about pissing people off as possible. Recently, for instance, you may have heard that the next Sims game will be published without the much-loved toddler children sims or the ability to create swimming pools in players’ homes. The response from EA essentially states that they don’t think that stuff is important, despite the public outcry. With an eerily similar recent history in the form of the SimCity debacle still fresh in everyone’s mind, people aren’t too happy.

But the real trump card the company has rolled out recently is the Dungeon Keeper mobile game which pissed off roughly everyone. And I don’t just mean the critics, who essentially look upon this reboot of a beloved franchise as blasphemy, but even consumer rights groups are getting involved due to the cynical attempt in the game to extract microtransactions out of players through in-app purchases while claiming to be a free game. The UK’s Advertising Standards Authority disallowed EA advertising Dungeon Keeper as a free game and describes the ad this way:

A direct e-mail for the mobile app game Dungeon Keeper stated “GET DUNGEON KEEPER ON MOBILE FOR FREE! … DIG. DEVISE. DOMINATE. Build the most badass dungeon ever! Raise an army of diabolical minions and lay twisted traps to destroy any opponents foolish enough to set foot in your lair. MASTER THE HAND OF EVIL Cast powerful spells, pillage and plunder other players’ dungeons, and slap your imps around to make them work harder. A world of wicked fun is right at your fingertips. What are you waiting for, Keeper? Get it for FREE!” A footnote stated “WIRELESS FEES MAY APPLY”. The ad also featured a screenshot of the game which appeared to show a well-developed dungeon, and was accompanied by artwork depicting characters from the game.

The problem? Well, by most objective estimations, you can barely play the game without shelling out for in-app purchases. See, the game uses two kinds of currency in order to construct dungeons, which is the gameplay within the app. There’s stone and gold, which replenish and accrue over time, and there are gems which are paid for with real-life money or some very limited in-game actions. EA argued that everything that appeared in their ad, including depictions of a created dungeon, could be achieved without spending any real-world money and just playing the game. And they’re technically right, but they forgot to mention that the amount of time we’re talking about to do so makes the game unplayable. Also, they forgot to mention how, in a departure from games like Candy Crush, the time players are made to wait gets longer as they progress in the game.

We noted that, although some of these actions could be done simultaneously, there was a limit to how many actions could happen at the same time and that the length of the countdown timers increased according to how far the player had progressed in aspects of the game. We therefore regarded it as extremely likely that players would reach a position where they would be unable to take any further meaningful or progressive action in the game until a timer had finished or been skipped, and that these periods would become longer and more significant, and the cost of skipping increasingly higher, as the player progressed. Although some of the features in the ad did not require waiting for a timer, we noted that these were either incidental or brief (such as ‘slapping’ the imp characters) or were dependent on other actions that were gated by a timer. We acknowledged that the Gem currency, through which the timers could be skipped, could be obtained for free through normal gameplay and that the game could therefore be played without spending currency to bypass the countdown. However, we understood that the rate at which they could be accrued was slow in comparison to the amount needed to play the game at a reasonable rate, where the delays did not significantly impact on the ability to continue playing.

In other words, the ad said the game was free and didn’t mention in-app purchases, but the game is essentially unplayable without such purchases. In addition, progress in the game is specifically met with a mechanic designed solely to extract in-app purchases in the form of an increasingly long countdown timer. It’s a scummy way to make a game, to advertise a game, and to treat customers, particularly within a game that is universally considered to be garbage.

The end result is the ASA nixed the ads that depicted the game as free and ordered them to make future ads clear about in-app purchases and the limitations on free gameplay. If EA wants to keep on making this money-extracting drivel, they certainly can, but they can’t pretend they aren’t. Consumer protection done right, in other words.

Filed Under: advertising, dungeon keeper, free, in app purchases, microtransactions, uk
Companies: ea

Apple Plays Cat And Mouse With In-App Purchase Hacker

from the what-if-I-change-this-setting dept

Piracy has been considered the bane of game developers for as long as games have existed. Over the years, many methods of fighting piracy or turning those who play for free into paying customers have come and gone. Some methods focused deterring pirates while others instead focused on maximizing profits. One of these profit maximizing endeavors, which recently gained traction with game developers, is the use of micro-transactions — or as they are often called in the mobile world, “in-app purchases.” This method of revenue generation was quickly accepted by many game developers, as it provided a way to distribute the game for free to as many people as possible with the prospect that enough of those free users would then buy in-game items with real money.

Because of this model of doing business, mobile phone producers (mainly Apple) have developed APIs that allow game developers to easily tie their in-game stores to Apple’s payment processing and authentication services. While this method is not without its issues, it has been accepted as a relatively secure method of monetizing a game. That is, until one hacker named Alexey V. Borodin figured out a relatively simple way to spoof the purchases of in game items. Using this exploit, Alexey claims that as many as 30,000 transactions have been made since instructions went live.

In a follow up article, The Next Web reports that Apple has begun efforts to prevent the spread of this exploit. These efforts include blocking the IP address of the server Alexey was using, requesting the server be taken down by the Russian hosting company which owned it, sending take down notices to Youtube over videos providing instructions, and getting PayPal involved in shutting down the account Alexey was using to generate donations (a whopping $6.78 was raised according to that report). Apple also included the following statement:

The security of the App Store is incredibly important to us and the developer community. We take reports of fraudulent activity very seriously and we are investigating.

Even with all these attempts at taking down Alexey’s service, it still remains up and running for all willing iPhone users to take advantage of; that is, if those users are willing to risk their privacy and iTunes accounts to use it, something Alexey claims is not an issue.

While this exploit is very troubling on many levels, it really highlights the folly of relying on security through obscurity. Apple had the chance to secure its APIs long before this exploit happened. It has an opportunity to do so now. In fact, Alexy states that he is more than willing to talk about the issue with Apple. Unfortunately, Apple has not contacted him. While I can understand Apple’s unwillingness to work directly with someone who openly exploits its services, it would be prudent to use all available options to end this exploit.

One would hope that game developers who feel threatened by this exploit will pressure Apple to fix the security issues in its APIs as well as provide some kind of training in best practices in securing in-app purchases. Of course game developers should also be doing their part to use all available tools to protect the integrity of their games as well — something all software developers should do from the beginning.

Filed Under: hack, hacker, in app purchases, microtransactions
Companies: apple