Apple has revealed that the App Store has stopped over $7 billion fraudulent transactions in four years.
Since launching the App Store in 2008, Apple has continued to invest in and develop industry-leading technologies designed to provide users with the safest and most secure experience for downloading apps, and a vibrant and innovative platform for developers to distribute their software.
As digital threats have evolved in scope and complexity over the years, Apple says it has expanded its antifraud initiatives to address these challenges and help protect its users.
Every day, teams across Apple monitor and investigate fraudulent activity on the App Store, and utilize sophisticated tools and technologies to weed out bad actors and help strengthen the App Store ecosystem.
From 2020 through 2023, Apple prevented a combined total of over $7 billion in potentially fraudulent transactions, including more than $1.8 billion in 2023 alone.
In the same period, Apple blocked over 14 million stolen credit cards and more than 3.3 million accounts from transacting again.
As published in its fourth annual fraud prevention analysis released today, Apple found that in 2023, it rejected more than 1.7 million app submissions for failing to meet the App Store’s stringent standards for privacy, security, and content.
In addition, Apple’s persistent efforts to stop and reduce fraud on the App Store resulted in the termination of nearly 374 million developer and customer accounts, and removal of close to 152 million ratings and reviews over fraud concerns.
Account Fraud
Apple has developed robust systems to root out fraudulent customer and developer accounts quickly and effectively to prevent such actors from defrauding users. In 2023, Apple terminated close to 118,000 developer accounts, a decrease from 428,000 terminations from the prior year, thanks to continued improvements to prevent the creation of potentially fraudulent accounts in the first place.
In addition, more than 91,000 developer enrollments were rejected for fraud concerns and prevented from submitting problematic apps to the App Store.
Harmful activity can also occur at the customer account level, and Apple takes a number of measures to protect users and developers from ill-intended parties. These accounts tend to be bots that are created for the purposes of spamming or manipulating ratings and reviews, charts, and search results, which threaten the integrity of the App Store and its users and developers.
In 2023, Apple blocked over 153 million fraudulent customer account creations and deactivated nearly 374 million accounts for fraud and abuse.
Apple has also detected and blocked more than 47,000 illegitimate apps on pirate storefronts from reaching users over the last 12 months. Blocking apps from pirate storefronts is also beneficial to developers, whose apps could be modified or used to disguise malicious software for distribution on these platforms.
Additionally, in the last month, Apple says it stopped nearly 3.8 million attempts to install or launch apps distributed illicitly through the Developer Enterprise Program, which allows large organizations to deploy internal apps for use by employees.
App Review
Apple’s App Review team of over 500 experts evaluates every single app submission — from developers around the world — before any app ever reaches users. On average, the team reviews approximately 132,500 apps a week, and in 2023, reviewed nearly 6.9 million app submissions while helping more than 192,000 developers publish their first app onto the App Store.
App Review conducts a number of checks before any app makes its way onto the store, and leverages automated processes and human review to detect and take action on apps with the potential to harm or defraud users. In 2023, more than 1.7 million app submissions were rejected for various reasons, including privacy violations and fraudulent activity.
Bad actors employ deceptive tactics to harm users, including the practice of disguising potentially risky apps as innocuous ones. Over the past year, there have been numerous instances where App Review identified apps initially misrepresented as harmless products — such as photo editors or puzzle games — that later transformed postreview into pirate movie streaming platforms, illegal gambling apps, or fraudulent and predatory loan issuers.
In some extreme instances, the team also identified and removed financial service apps involved in complex and malicious social engineering efforts designed to defraud users, including apps impersonating known services to facilitate phishing campaigns and that provided fraudulent financial and investment services.
Through its ongoing work to review every app submission and investigate problematic apps on the App Store, App Review, in 2023, removed or rejected 40,000 apps from developers who engaged in bait-and-switch activity.
Malicious actors can also design apps with the intention to trick and scam users. In 2023, more than 248,000 app submissions were rejected from the App Store because they violated Apple’s policies against spam, blatantly copying other apps, or otherwise misleading users.
This is in addition to over 38,000 app submissions that were rejected for containing hidden or undocumented features. Apps that are designed to access users’ private, personal data without their permission or knowledge are also prohibited from the App Store. Last year alone, over 375,000 app submissions were rejected for privacy violations.
App Review is diligent in investigating and taking action against apps reported as fraudulent or malicious through Apple’s Report a Problem tool. Fraudulent apps are immediately removed from the App Store, and the developer faces the risk of termination from the Apple Developer Program, which would also result in any unapproved apps under their account being blocked from the store.
In 2023, App Review took action to prevent nearly 98,000 potentially fraudulent apps from reaching users on the App Store.
Ratings and Reviews
Ratings and reviews are an essential resource for users looking for their next app and a valuable tool for developers to receive meaningful user feedback about their products.
In 2023, with over 1.1 billion ratings and reviews processed, Apple removed nearly 152 million fraudulent ratings and reviews from the App Store.
Payment and Credit Card Fraud
From household goods to entertainment services, apps have become a mainstream way for users to make purchases. Apple is diligent in its efforts to protect users’ financial information through its secure payment technologies like Apple Pay and StoreKit, which nearly 1 million apps use to sell goods and services on the App Store. And as fraud losses globally reach new highs, Apple helped prevent more than $1.8 billion in potentially fraudulent transactions on its platform in 2023.
Apple takes credit card fraud extremely seriously and remains committed to protecting the App Store and its users. For example, when consumers make a purchase with Apple Pay, it uses a device-specific number and unique transaction code so a card number is never stored on a consumer’s device or on Apple servers.
Additionally, credit and debit card numbers are never shared with developers, thus eliminating another risk factor in the payment transaction process.
When consumers use Apple Pay to make a purchase online or in-app, cards with certain enhanced fraud prevention will enable a consumer’s device to evaluate information — such as their Apple ID, device, and location if they have Location Services for Wallet turned on — in order to develop on-device fraud prevention assessments.
Apple also leverages a combination of advanced technology and human review to detect when a stolen credit card is being used for illicit purposes. In 2023 alone, Apple prevented more than 3.5 million stolen credit cards from being used to make fraudulent purchases and banned over 1.1 million accounts from transacting again.