SoylentNews is people
SoylentNews
Submitted via IRC for SoyCow1984
iOS apps used Touch ID feature to trick users into paying hefty fees
Apple's App Store has given the boot to two highly rated apps that abused the iOS Touch ID feature in an attempt to swindle users out of sums of more than $100, users on Reddit reported over the weekend.
The offending "Fitness Balance app" and "Calories Tracker app" promised to calculate body mass index, monitor calorie intake, and provide other health-related services. With no advanced warning, according to Reddit posts here and here, the apps charged users fees of $99.99, $119, or 139 Euros, depending on the country of the user. Users who had a credit or debit card connected to their Apple account were immediately billed.
The scam worked by displaying a message as soon as the app was opened. It told users to scan their fingerprint to view a calorie tracker or receive another personal service. When users complied, the apps displayed a popup window that said they had been charged a fee. Less than two seconds later, the popup disappeared, but by then it was too late for many users. Anyone with a card linked to their Apple account was already charged.
(Score: 3, Informative) by IndigoFreak on Friday December 07 2018, @12:15AM (6 children)
Even with the same precautions I have been worried. You can 'text' a phone number and get a charge on your phone bill. With all the app permission that are 'required' for even dumb flashlight apps, they easily can get outgoing SMS rights, and send text messages. I don't see anything that actually stops this from happening.
(Score: 5, Informative) by bob_super on Friday December 07 2018, @12:28AM
Granular permissions on newer Android versions are supposed to prevent unwanted texting or internet access.
Actually, the Play store got worse and is now hiding the permissions under a sub-page, which means too many people will just no bother to check them (then will click OK on any popup asking anything without reading).
I also used Noroot Firewall for a while. Prevents basic access to the web from the apps by masquerading as a VPN. It's amazing how many things try to talk to the internet, yet if you don't let them it has no visible impact whatsoever on functionality.
(Score: 2) by edIII on Friday December 07 2018, @01:52AM (4 children)
I've abandoned Android and am waiting for Purism to finish the first Linux based phone. Same with the tablets. I would use Linux on them before I used Android.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 1, Informative) by Anonymous Coward on Friday December 07 2018, @03:41AM (3 children)
The webpage at https://puri.sm/products/ [puri.sm] might be temporarily down or it may have moved permanently to a new web address.
It's a pity their website doesn't load on an Android browser
(Score: 1) by anubi on Friday December 07 2018, @10:13PM (2 children)
I just loaded your link and it apparently came up fine on my android BLU phone / Brave browser.
Thanks for sharing that. I am so frustrated with today's technology over the exact things discussed in these forums.... lack of transparency and doing things behind my back, can't trust it.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 0) by Anonymous Coward on Saturday December 08 2018, @02:10PM
I have Sleipnir, Chrome, Firefox, DuckduckGo, Ghostery, Adblocker browsers on my phone. That link only loads in Firefox. I have no idea why.
(Score: 1, Informative) by Anonymous Coward on Saturday December 08 2018, @02:19PM
Sigh. Yes another software company sending users to an online store instead of providing the installer. The download link for Brave links to:
https://play.google.com/store/apps/details?id=com.brave.browser&hl=en [google.com]
The wording on the link is "Download for Android".
If they can't even get this right how can they be trusted?
Look at NoreVPN. They have a link for their program on Google and a link to download the apk. Is it that hard.
https://nordvpn.com/download/ [nordvpn.com]