Hacker News new | past | comments | ask | show | jobs | submit login
Apple Pulling High-Grossing Scammy Offer Subscription Apps Off the App Store (forbes.com/sites/johnkoetsier)
42 points by wallflower on Oct 20, 2018 | hide | past | favorite | 73 comments

I can understand (even if I remain skeptical) how Facebook and Twitter claim to be unable to deal with prolific abuse patterns, but how the hell does Apple write a $14MM check to a scammy top-100 app[1] without some human checking that it's legit?

[1] https://techcrunch.com/2018/10/15/sneaky-subscriptions-are-p...

It's especially damning when the article points out that some apps were removed after the article-writer contacted Apple.

Indicates that the process is clearly there at Apple, they just turn a blind eye.

But wow, I expected a lot more from the billing UI of iOS apps. You can start a billing process just by making the user click a button? IMO everything billing should require a round-trip through a standard billing App Store page just like if you were to pay something online with PayPal.

And I was especially amazed by how hard it is to see your subscriptions. I just checked mine and was subscribed to an app I completely forgot about.

Think of the kind of UI you would design if you wanted to ensure people weren't making money from others unknowingly. You'd give Subscriptions its own tab in the App Store. You'd create notifications like "You just paid $5 to <App> (Recurring: weekly)". Even PayPal's app gets this right.

Yeah, and any developer making less than $14M (which is...like all of them?) continues to grit their teeth from rejected updates over minutiae and the virtual impossibility of browsing/searching sensibly on the App Store, among other issues.

I mean, each passing month makes it more of a labor of love than a serious development platform. There are so many extremely obvious ways to scam money on the store, and yet you go through the wringer if you spend months or years meticulously crafting a well-designed app for peanuts.

Well, that’s probably exactly what happened, and now Apple is cracking down on this sort of app. They can’t just refuse to pay out that $14 mil to the app developer - these are bad user experiences that trick people into agreeing to subscriptions, but they aren’t clearly illegal. Apple does need to go through their own app review process when they want to boot an app, making sure there is a clear rule the app is not following.

It sounds like they're only cracking down after getting bad press.

> They can’t just refuse to pay out that $14 mil to the app developer - these are bad user experiences that trick people into agreeing to subscriptions, but they aren’t clearly illegal.

I haven't read the developer agreement but I'd be surprised if it's written in such a way that they don't have any discretion here. Just because it's not illegal doesn't mean it doesn't violate Apple's terms.

Ya, it's pretty ridiculous. If they simply checked every app making even $1m a year, it wouldn't take them much effort at all.

I feel like this has been some months in the making. We have an IAP enabled app (https://www.bestcoffee.guide/app) just turned a year old. When we launched last year we had no issues with our - very clear - subscription page.

Subsequent updates, however, have required closer and closer adherence to the specifics of the Apple iap guidelines. All the boiler plate text needed to be displayed, the button needs the price on it, and to be on the same page.

Overall a good change for the user but man it makes it hard to design a remotely aesthetic subscription page.

As a user, I genuinely don't care about your aesthetic when it comes to your IAPs. I want a clear-as-day notice well in advance that you're asking to take real money for non-physical goods and/or services. If some group is working to make that clearer, I'm in favor.

Agreed 100%. Hell a white page with generic Times New Roman font and generic buttons is perfect if it tells me how much I will be paying monthly, how long I am committed for and everything else that should be shown to me before I subscribe.

If you can make it a little prettier that is fine but I want the cold hard facts over some cute parallax effect when I scroll the page

To be fair, that's _at least_ up to the OS, and iOS does do this. Every in app purchase has to be approved from an OS-provided dialogue that requires hardware interaction to approve.

One problem I have seen from this was an ancestry app that prompted you to scan your fingerprint to "find your relatives", and then would prompt for IAP, which asks for Touch ID approval. Because you already had your thumb on the reader, it would more or less instantly be approved. Unsure if Apple has made any changes around this yet. https://www.reddit.com/r/videos/comments/9bxw0f/this_ancestr...

Apps don't have access to the actual fingerprint data, though. Presumably they were just using it as a login guard?

The issue is not the app getting the fingerprint data, but rather literally baiting your finger onto the reader and then switching to a Touch ID subscription prompt under your finger?

I'd bet that A/B testing would easily show that they make a lot more money if the users' finger is already on the reader from a recent press.

No, I understand that, and maybe this is just a tangent, but the parent post seemed to be implying that the app was using the fingerprint itself, and I was trying to get a clarification. (And I'm honestly a little skeptical of the story.)

Watch the video. It's a scam app. There's zero actual ancestry finding going on. It's like those scamming 'anti virus' apps for iPhone. The app has zero use for the fingerprint, apart from manipulating you into subscribing to a $100/month in app purchase subscription https://vimeo.com/287737290

I see, thanks for that extra information.

Seconded. I am very careful to make sure that I don't spend money unexpectedly in apps, and it can be pretty difficult. I'm all for any guidelines or regulations that make knowing when I'm going to be charged more explicit.

Payments should be client controlled. Rather than you giving online organizations your payment information, they should request payments from you and you could manually approve or reject them. You could give certain trusted organizations you trust an auto accept option (for instance monthly web hosting bills).

That's part of why I'd only use gift cards with very restricted budgets on paid software repositories.

I agree. We've also had many rejections due to policies that weren't clearly stated up front, such as the price requiring to be in the button rather than below it. Apple should have given 10 examples of Dos and Don'ts with screenshots. Or even give five approved templates, so you can just change the price, duration, app name, etc and you're guaranteed to be approved.

As another example, we put the terms and conditions ("subscription will renew unless canceled...") in a web view. Apple rejected us telling us to put it in the binary. We put the HTML locally, but still in a web view to display it. Is that considered part of the binary? Apparently not. We then made it plain text and didn't use a web view. But it wasn't okay, to have this behind a button. It has to be on the subscription screen. However, having it scroll off the bottom of the screen is apparently fine.

This is why it's frustrating to develop for Apple's platforms — you have to play a guessing game, where each round results in a rejection and multiple days of turnaround time. I'm considering making our app paid up front to bypass this bullshit.

Since the iOS dialog box has all the necessary information, and Apple can present it in a way they consider transparent to users, why make apps redundantly display the same information, and then reject them? The sensible thing to do would be to ban only apps that give misleading information, like Rs.10 if it actually costs Rs.100. Not giving any information in your app UI like price, duration, terms, should be fine.

"...while his app offered real value -- unlike many of the other apps caught in this App Store review change..."

Does anyone else find this comment as highly dubious and scummy as I do? Because it definitely feels to me like Mr. Koetsier isn't reporting objectively about a user-focused policy change, but rather just telling us that he's upset because his friend's subscription scam didn't work out thanks to Apple actually policing its Store in the users' favor.

No, because of the rest of the sentence:

"...the subscription flow would have easily saddled people with subscription charges that they might not have known about."

Good, an older friend of mine that barely knows how to access the appstore got charged 70€ a month without having any idea why.

This stuff makes my blood boil. However much I appreciate free markets in general (which is quite a bit) I don't think vulnerable users should be sacrificed on an ideological altar. Good for Apple stepping up here.

Actually both of your positions aren’t contradictory. Free markets are predicated on free flows of information: fully informing people of what they are potentially buying or agreeing to is not inconsistent with free markets. I’d argue that misleading information is really not a free market thing at all, quite the contrary.

If your app is worth the money, you should gladly accept the price. The fact that some apps use “tricks” means that their app isn’t worth what is being asked.

I'd personally agree, but a great many people who claim to be for free markets are in practice for unregulated markets. Their theory is that the invisible hand will optimize all things. To me that sounds more like an invisible magic sparkle pony.

Having worked for financial traders, I got to see up close that some of our most effective markets are very tightly regulated, and for good reason. If a market participant can trust the deals on offer, trades are fast and frequent, and sellers compete on dimensions like price and quality. But if a seller can do well by scamming, that not only harms the people they trade with, but the market itself, in that trust is reduced. That raises costs for all buyers (because they have to do more verification work before each trade), and puts a burden on all sellers (because they have to work harder to prove they're not evil). It also reduces turnover, as increased risk means fewer deals done.

So for me the question is how we get a free flow of accurate information. I think the obvious answer is tight regulation with a willingness to sanction deceptive actors. But for a lot of people, and they seem especially common here, that kind of regulation is anathema, as to them it's the opposite of "free".

In this same vein, apps that goto v2 then v3 under new app names (i.e Omnifocus) also feel a bit scammy. I understand the monetize angle, but they could be alienating users with large repurchase fees.

Can you please expand your reasoning about this? Developing major new versions of software costs money, it has never been the case in the entire history of the computer market that one general retail purchase of commercial software would get you all updates of all kinds forever. It's normal that all minor updates are free, and the next major version is a paid upgrade at a marginal difference to full retail. This is economics that both matches people's common sense ("I'm paying for the improvements and another period of minor support, but not what I already paid for") and has favorable economic incentives (upgrades are not guaranteed, the developer does in fact need to convince people it's worth it).

In one of Apple's biggest most stupid and infuriating utter fuckups of all time with the App Store, they eliminated this whole mechanism by offering no upgrade support. But the need to get ongoing revenue for updated versions didn't go away, so devs do what is allowed within Apple's stupid system. They either make it subscription, or they create a "new" app where the major version number is part of the name and sell it again, maybe averaging out the price (or offering a reduced fee for the first week say), or some other suboptimal system (new features get introduced incrementally as IAPs say).

It's not even the slightest remotest bit "scammy" though. To take your own example OmniFocus v3 is a major update following years and years of support of v2, it's completely reasonable it'd be a paid upgrade. And the Mac version, on Omni's store, is a paid upgrade (or a free upgrade if you bought it in the last year, outside of Apple's garbage market you can do stuff like that) for owners of v2 (they can keep using v2 of course). It's just "OmniFocus" regardless though, this is hardly some weird thing. It's just that on the App Store they are forced by Apple to do something else.

The issue is how the process is perceived by the user. The average user is not going to understand why a new app has to be installed/purchased. It is perceived by mass as a bit scammy. Personally, I would rather pay a yearly subscription similiar to adobe than to have to repurchase every new update.

> The issue is how the process is perceived by the user

Goddamn kids. Paying for “Omnifocus 3” seems totally intuitive to me. Paying for major version updates is just how things were back before free/ad-sponsered crap killed the market for software.

Subscriptions are the real scam, because one pays a lot more for what turns out to be marginal improvements in very simple software. Wtf would one subscribe to a todo app or a text editor?

When paying for major version upgrades, it's very clear what one is paying for.

Perhaps, but the answer to this is the platform having support for the correct model. Right now the only way for the developer to get paid in the iOS App Store is to do what Omnifocus (among many others) has done. If Apple's purchase model had evolved from its beginnings in 99¢ flashlight apps, the customers wouldn't have to be confused.

>The average user is not going to understand why a new app has to be installed/purchased. It is perceived by mass as a bit scammy.

Please cite your source for this, seriously. There are a lot of derogatory assumptions about "average users" and "the masses" that float around on tech boards (including HN, but it's been a thing since nearly the beginning) that just aren't justified. Particularly not when talking about specific subsets, in this the subset of "the masses" that pays a high premium for Apple products and then pays for apps in the first place and has selected one specific developer's app in particular. Non-technical people are not entirely mindless and ignorant. They are not all entirely unfamiliar with the idea of "things are not free to develop forever."

In fact I'll expand that and point out that your attitude of being afraid to ask for money is one of the major, always repeated things to watch out for that comes up in nearly every single advice article/blog/whatever on starting up a business (including just a personal consulting operation) and making it work. One has to get over the fear of "driving off users" to some extent and that it's somehow rude to ask for money and other such feelings and just charge. And charge a lot even! Yes some people will go away but they're worthless as users anyway. If it's a good product then actual valuable customers will pay for it.

>Personally, I would rather pay a yearly subscription similiar to adobe than to have to repurchase every new update.

And I find your attitude mind boggling. I'd rather the exact opposite, and loath the spread of subscription models where you are locked in forever whether you find new updates valuable or not and changes the economic incentives for the developer from having to earn your money each paid upgrade to being able to count on your money even with no updates because if you stop paying you just lose it all entirely. It removes a core natural feedback mechanism on what really matters to customers.

Why is 3 a major update?

I upgraded OmniFocus 1->2, but won't upgrade 2->3, because I don't consider it worth 20€.

The only useful new feature is batch editing, which was quite honestly overdue... And it still doesn't support an "end repeat" date!

Things 3 seems much better featurewise.

>Why is 3 a major update?

Because they consider it a major upgrade, hence the major version number changing? It has a major new UI rework and features? If you don't like those things then it's not a valuable major upgrade to you, which of course is the market working exactly right, but it's still a major upgrade. OmniFocus 2 was released May 2014, so over 4 years ago. That's a plenty long free support period.

>The only useful new feature is batch editing, which was quite honestly overdue... And it still doesn't support an "end repeat" date!

>Things 3 seems much better featurewise.

Then get Things 3! Like, wow, blub has just discovered for the first time that competitive products can be different, and get updated to different degrees, and that there might be reasons to pick one over another one! Who knew right?

xoa, I think you've gotten lost in your own argumentation: besides saying that paid upgrades were not a scam, you were also trying to convince newtacamp that charging money for the OmniFocus v2 to v3 upgrade is perfectly reasonable, if you remember...

You claimed that "developing major new versions costs money" and that "it's normal that all minor updates are free".

So far, so good, but the fact whether v3 is a major new version in anything but name seems to be critical to the soundness of your argument. I have v2 and the v3 trial on my device, and unless changing the icons and moving or adding a few buttons counts nowadays as a "major new UI rework" this app did not in fact go through a major UI rework. Neither does it have any groundbreaking new features, rather it's playing catch-up to Things v3 from more than one year ago.

OF v3 is not worth the 20-30 EUR IMO. I do have Things 3. These guys did do a major UI upgrade when they launched it and still managed to charge one third of the OmniFocus upgrade price for the new app.

AppStore upgrade pricing is not a scam, but it's still complicated to get right and can alienate users. I've given two reasons why in this thread: family sharing for IAPs and features / upgrade price ratio.

>besides saying that paid upgrades were not a scam, you were also trying to convince newtacamp that charging money for the OmniFocus v2 to v3 upgrade is perfectly reasonable, if you remember...

I don't think I've gotten lost, but to be clear, to me "perfectly reasonable" does not mean that it's "a good value". I'm not arguing that OmniFocus 3, or for that matter OF or any other Omni apps in general, are something that anyone here should buy. You can all evaluate that for yourselves. newtacamp merely used that specific piece of software as an example. The point is that it's been years since the last upgrade, the older versions have been well supported with minor updates, and Omni considers v3 to be a major upgrade. If you and others do not then that's the market working as intended!

>AppStore upgrade pricing is not a scam

App Store "upgrade pricing" does not exist. That's the whole issue. On their store for the Mac app Omni offers 50% off upgrades from v2 to v3. In general historically and today most upgrade offers are heavy discounts at least for -1 versions (some places differentiate between -1 and -2 or -2++). But unlike subscriptions if you think they haven't earned the fee from a paid upgrade you don't have to pay it, that's not some side "excuse" that's the value. In fact in normal stores "cross upgrades"/crossgrades are a thing adding even more competitiveness, a competitor can allow possible new users to "upgrade" from a licensed copy of a competitor to their own software instead. All this is valuable to a vibrant market. newtacamp argued that a major upgrade being charged for is "scammy" ("repurchase fees" is also derogatory) and by implication argued that alienating users who won't pay is somehow a problem. I disagreed, and still disagree.

Well there’s a simple response to that... don’t upgrade. No one is forcing you to.

This is a discussion about AppStore monetisation using OmniFocus as an example.

The original claim that upgrade pricing is a scam can be trivially disproved. My claim is that coming up with an appropriate upgrade strategy is easy to get wrong and customers can still feel that these upgrade prices are unjustified, which does pose a problem for the company making the products and for this method of monetisation too.

What I will do doesn't really matter, but it's reasonable to assume I'm not alone in thinking like this.

That's non-responsive to the point of this particular paid update being one of the crappy ones.

Eventually, he's going to have to shell out for the upgrade just to get something that had the right option in Xcode selected so he can still run it, despite an almost complete lack of new features or anything that actual development time was spent on.

>Eventually, he's going to have to shell out for the upgrade

Or if he doesn't like it he could switch to one of the many other options. Or something open source, which can then be maintained himself if he wishes. That's part of the core point of open source you know? That one doesn't -have- to shell out for upgrades is why upgrades are good compared to subscriptions. If a developer puts out a bad paid upgrade, they get the most direct and unignorable form of feedback there is: less money.

>just to get something that had the right option in Xcode selected so he can still run it, despite an almost complete lack of new features or anything that actual development time was spent on.

Thanks for telling us that Apple promises backwards compatibility with all Mac software forever and that there are never any development maintenance of any kind required except "selecting the right option in Xcode". This was really news to me but will certainly make things a lot easier going forward now that I know nothing ever gets deprecated and removed from the OS over time.

I’m not sure what is scammy about that. That is how software was purchased for decades. ie, photoshop 1-7 & CS 1-6.

It’s not like version x-1 stops working and forces you to purchase the new one.

A lot of times if you update iOS, the app does stop working.

Then don't update iOS and turn off updates if you have a mission-critical program running on a particular device?

Lots of updates include security updates. You're saying I should choose to be less secure so I don't have to pay for an app? That's asinine.

It's not about paying or not paying - if you want to give them money for non-physical goods and/or services, that's entirely your choice. It's about being positive that some outside force isn't going to come along and force your entire workflow to change for what amounts to their whimsy.

No, he's saying you should pay to update to the latest version.

This notion that something you bought 8 years ago needs to continue to work, even though the operating system that it runs on changes, is just not reality.

That's not what I'm getting at. I believe in crystallized design. Once something is fixed, don't go breaking it. If any changes for any reason break something I need, I'm not introducing those changes into my system, because I need it to work, and I need it to work the way it works right now on my setup - not the way some other fool thinks it should work in the future. So yes, I do believe that something I installed 8 years ago, which has worked perfectly for the last 8 years and has become foundational to my workflow, needs to continue working the exact same way it has.

I’m fine with this as long as your device is forcibly removed from the Internet when security fixes aren’t installed, or when it’s out of the period where the vendor provides security patches.

I disagree. I should be allowed to take on the burden of my own security. I don't want an outside force trying to pretend they know my needs better than me. You can produce a product, and I, the user, should have 100% decision on how and for what purpose I will use that product.

Sorry, but this mentality is the same one that would argue that any vehicle should be road-legal, even if it hasn't passed a smog inspection, doesn't have working brake lights, and its turn signals are green and purple.

If you want to use shared infrastructure, you have to abide by a minimum set of requirements that ensures the safety of everyone else around you, end of story.

Then make sure there's a way to preserve all settings and function from older versions. Tell me if I'm using something "unsafe", let me get it out of the way once and then leave me alone. Don't cut out functionality, don't change the UI, don't break what wasn't broken.

I’m annoyed about 1Blocker coming out with 1Blocker X a couple weeks after I bought the app. And now, even though 1Blocker works fine, they updated it to spam me anytime I open it with adverts about their new program. I understand it costs money to develop but I literally just paid them.

And I mean the name, 1Blocker - I think it was marketed at some point in time as the only blocker you'll ever need, just for them to release a new version with a new name.

It cost them money to code in the annoy-o-tron ads :)

Hah yeah of course it did! It's weird, the worst that would happen back in the day was a program on your PC would get abandoned. On iOS, you're liable to download an "update" to something (like Galaxy on Fire 2 HD, which WAS a great space game for iOS) and suddenly it's been acquired by a new company, and the $9 you spent has been turned into a F2P garbage, ad-ridden experience.

Tweetbot has done that too - conveniently right before twitter cut off some api access making the app just an expensive ad free twitter client. I have no doubt they quickly pushed out v4 just to get a bump of cash. V5 just came out too (although this time a free upgrade).

v5 does prompt for an IAP (they're calling it a tip)

Personally I paid the highest option ($4.99) because I know I've gotten plenty of value out of it, but I suspect most won't and there'll be pitchfork gathering about their "spammy popups"

I paid for the upgrade just before deprecation of the API and except Tweetbot, and now their spammy pop ups are turning my admiration to annoyance and worse. The only reason I see for it is that they have decided they product (through Twitter’s actions) is doomed and are trying to milk has hard as they can.

It's not scammy, but it's certainly expensive in the case of OmniFocus.

Now I have the option of paying ~20 EUR for 2->3 and it's not really worth the price for the kind of features one gets.

Another annoying thing is that IAPs aren't subject to family sharing, so one is essentially buying a really expensive todo app (40-50 €) that only runs on one or two devices.

They do have an unique feature as far as I know: local encryption.

In the end v2 is still working fine, so I can't complain too much.

OmniFocus is far more than a basic todo app, if you are using it as one then I think you are using the wrong tool (or at the very least, a very expensive and unnecessary tool).

I was a big fan of OmniGraffle years ago and paid either $200 or $100 for it. Then I got hit with something like this and never bought another Omni product.

I do pay for lots of other software with cleaner models (Jetbrains is a good example).

The exact same thing happened to me with OmniGraffle.

The old version still works, which is great, but OmniGroup probably won't get any more money from me for that particular product. Customers like us will likely pose some problems for companies like Omni, so I don't see why several people are trying to dismiss these stories.

I don't agree this is even remotely the same. The expectation of free updates for life isn't always reasonable.

As a user of hundreds of programs with no direct cost for updates decades after purchase, I find this perfectly reasonable.

I didn’t say free as this cost is included in the price at purchase. Vendors can be explicit about their fees and updates and let me choose to buy or not buy.

There’s lots of markets with natural charge points for updates (windows and office for example). A vendor not calling out the price for updates and then renaming and stopping updates is sleazy definitely and maybe scammy.

There are lots of models for software with pros and cons. The only thing that really tweaks me is the bait and switch after my purchase. Or the exploitation of an implicit allowance to my detriment.

Theoretically Mac has been providing updates to purchases made in 2000[0]. Granted, they used to charge and I doubt you have hardware that will still run the updates.

Microsoft patched Server 2003 in 2017 [1].

Not to mention the reason why lots of OSS is still used because it allows “free updates for life.”

There’s no such thing as true free (tnstaafl), but there are lots of companies willing to be clear about update costs.

[0] https://robservatory.com/a-useless-analysis-of-os-x-release-...

[1] https://docs.microsoft.com/en-us/security-updates/securitybu...

We're talking 2 different things. You're pointing to examples of bug and security fixes. When I say updates, I'm referring to new and improved functionality. (in other words, probably a terminology issue: "update" vs "upgrade")

Software like Omnifocus 3 adds new functionality, or as you put it, "natural charge points for updates".

Mac OS has feature updates. Those were just two examples and it’s not just security.

I’m not against charging for feature updates, I’m against companies lying “Omnifocus costs $xx” and then changing their mind later to charge a new price even if you only want security updates.

> they could be alienating users with large repurchase fees

You’re under no obligation to repurchase the new version.

How can Apple let people accidentally make purchases? Wouldn't anything charging to your credit card need an Apple pop-up with the listed price/rate to appear and you to accept it? I know people click "OK" to anything, but this seems obvious. I don't use an iPhone, so I'm not sure how it works but it seems pretty sketchy to allow apps to make arbitrary charges without any user confirmation.

This is probably part of the reason that the payment popup became much more obtrusive (and incidentally nicer) in iOS 11. It doesn't look like a normal alert anymore.

Apple themselves should promote their own native features more. For example, the built-in Notes app has fantastic document scanning already built in. Paying for a document scanning app is just mindless (generally.)

Why did it take so long? Scummy apps have existed for years.

Not only apps. There is a reason why the principle of “caveat emptor” was already known to the Romans.

And your question is answered by the article: Now, Apple might get bad press over it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact