betanews
Latest
iTunes fraud surge hits gift card balances, PayPal accounts
The frustration and questions surrounding iTunes App Store purchase fraud are (unfortunately) continuing. Over the past three weeks, we've received several first-hand reports of accounts with positive gift card balances being unexpectedly drained; often the charges are for in-app purchases for apps such as Section8's World War, Sega's Kingdom Conquest or Kamagames' Texas Poker. Even as Apple is pushing forward with iCloud, questions remain about the security and safety of those millions of accounts. You can read the examples on Apple's discussion boards (stretching from November of 2010 until this week), a series of posts over at Betanews, or coverage at PC Pro -- but many of the stories are similar to the one below. Users who funded their accounts with gift cards saw those balances chewed through with unauthorized purchases; one user with PayPal funding for his account saw over $500 in fake purchases. The in-app buys were for apps the users never downloaded; most claim that their passwords were never compromised and only used for iTunes. Even if phishing or password compromises can explain some of the purchases, it's hard to imagine that all of these accounts were cracked. Here's our first example, from mid-May. If you have similar instances, let us know in the comments or send us a tip. We're asking Apple's media team for answers, if there are any to be had. I bought a $15 iTunes gift card from Apple so I could buy a chat app (Verbs). I also purchased some other apps (Monopoly, mostly because it's cheap, Bumpy Road and loaded a few free apps) which left me with roughly $7-ish dollars remaining in my account. On 5/19, the following happened: I noticed that my store credit had decreased to 51 cents when I went to purchase another app, but thought nothing of it. Actually, my initial thought was maybe a purchase from the past had caught up with me. I wasn't sure. Later that evening I received an iTunes receipt email to the tune of a $99 in-app purchase for a game called "World War". I immediately tweeted about the issue and changed my password. From that I was able to glean info that the app was purchased on 5/18 at 7:59pm. A free app called World War and then a $99 in-app purchase for "1700 honor points." The strange thing is I've never downloaded nor purchased this app myself, it doesn't even exist on my device so this is not a case of the smurf-berries. I emailed Apple support and went to bed because their human-powered support line was closed by 10:30p. Today I called Apple support and was on the line with them for close to 30-40 minutes. I explained everything above to the support person, who at the same time was IM'ing his iTunes store support contacts. They asked me when I had purchased the gift card, I told them at/around the 13th and what my first and last purchase was. I told them the first purchase was for Verbs, the last was Bumpy Road. They investigated further and noticed that prior to the free app + in-app purchase that two $50 store credits were put into my account. At which point the free app was "purchased" along with the in-app purchase of $99 (which equaled to $108 with tax). This raised a flag with them and their Support Manager and they immediately froze my account and escalated my case to Apple's Fraud Dept. The support person says this was the fastest occurrence of this that he has ever seen and he along with others had to deal with the Smurfs case. I'm convinced that they will refund the $7-ish dollars that was there before and they mentioned that the account should only be closed for 24-48 hours. During this time they will be investigating this issue and trying to piece together this on their end. Right now I'm less concerned with the refund and MORE concerned with the app developer and whatever scheme is going on. As for the advice they gave me, basically to change my password (yadda, yadda) and turn off in-app purchases in Settings. They could not, however, explain to me how a free app + in-app purchase was associated with my account. The developer of the app, Section8, are the same outfit who were sued over stealing user data.* A second example, this one featuring multiple PayPal charges totaling over $500: I basically started receiving emails from PayPal saying "You have just sent $44.95 to iTunes" and I was shocked because I did not buy anything. I immediately logged into PayPal and cancelled my payment agreement with iTunes. I received 11 charges of $44.95 each. I have filed a complaint with iTunes and PayPal but I have not received any reply yet. From what I read online, it seems like it is not clear if iTunes has been hacked or if the Sega software used for the hack (which I never downloaded) has been compromised. I never had the feeling that my account had been compromised before. Everything worked perfectly fine, never had strange emails, phishing attempts, etc. Our final report, with gift card balances being drained: Shortly after loading $50 of gift card credit on my itunes account, a remaining balance of $37 (after some earlier purchases) was wiped out by Kamagames Texas Poker chips. I googled the problem and it seems like many many people have experienced the same thing, and a snotty response from Apple about it as well. Everyone affected seems to have been gift card users, or those with a positive itunes balance, rather than money being charged to a credit card. I don't understand how this kind of fraud is being perpetrated but I am angry with Apple for not coming clean about it and explaining the problem given that it clearly seems something more specific than stolen usernames and passwords... The forum linked above is just one of many reporting this issue which seems to have started earlier this month.
John versus Joe: iPhone earnings smackdown edition
Apple naysayers are a dime a dozen these days. I keep a few in my garage just so I can laugh at them when I wave my iPhone in their general direction and they all cry in unison, "The Zune phone is so totally going to be an iPhone killer. You know, if and when it comes out. Just wait and see." Rarely do Apple naysayers come with more unintentional hilarity than Joe Wilcox from Betanews, who, alone among reporters everywhere, uncovered a media conspiracy on a scale not seen in recent memory. Namely, contrary to what literally everyone else has reported, Apple was in fact NOT more profitable with the iPhone compared to all of Nokia's cellphone business during the recent financial quarter. John Gruber from Daring Fireball saw Joe's post, and with his response laid the smackdown on Joe's analysis. Gruber's post boils down to castigating Wilcox for ignoring Apple's statement of non-GAAP earnings. Basically, Apple's subscription-based accounting for the iPhone spreads its revenues out over several quarters, which it expresses in GAAP (Generally Accepted Accounting Principles) earnings. These are the earnings Wilcox looked at and said, "Wait a minute! Apple didn't make that much money at all! Murder most foul!" If you want a real idea of what Apple actually made with the iPhone over the quarter, you have to look at the non-GAAP earnings. This is something I figured out back when I edited earnings press releases for PR Newswire, and something anyone who reports on financial matters really ought to double-check before protesting to one and all that something foul is afoot. Wilcox updated his post after Gruber's response, but his rationale is almost as funny as his initial post: I chose to use the GAAP figures because a) Again, that's what Apple is supposed to report; b) It made for a simpler analysis; c) Apple recognizes previously deferred revenue with the quarterly results; d) According to Apple SEC filings, deferred revenue is for more than just iPhone and Apple TV. The last two points are paramount. In other words, a) It's the SEC's fault, not mine; b) like Gruber said, I didn't bother reading past the first paragraph of the press release; c) I also didn't bother parsing through the reams of financial tables that come with every quarterly financial press release; d) Gruber is wrong and Apple TV is totally selling like hotcakes. I showed Wilcox's post to the Apple naysayers I keep chained up in my garage, and they just kind of turned away scratching their heads awkwardly. I don't think that's a good sign for the supposed "misreporting" of Apple's iPhone profits that Wilcox thinks he's uncovered.
MobileMe not so pushy
Many commenters and bloggers hither and yon have noticed that MobileMe lacks "true push" capabilities, even though Apple uses the "push" buzzword extensively to describe MobileMe services. A commenter in a MacRumors thread about the subject took screenshots from Apple's site, showing they had removed the phrase "Push happens automatically, instantly, and continuously." In its place, Apple clarifies that changes from the iPhone and web apps are updated instantly on connected computers, but not vice versa. Apple also notes in a Knowledge Base article that changes "made on your computer will be synced to the MobileMe 'cloud' once every 15 minutes (or every hour in Mac OS X 10.4.11)." That, to me, doesn't sound like "push," it sounds like "sync." The term "push" still applies, however, to me.com email, as that shows up immediately (in my experience, at least.) Calendars and contacts, though, not so much, apparently. [Via BetaNews.]
