This is an interesting example of incentive alignment — in some sense, it's in Apple's best interest to let this abuse slide since they're also profiting off of it (though obviously that's not a long-term, deliberate strategy).
This article covers it well: How to Make $80,000 Per Month on the Apple App Store (https://medium.com/@johnnylin/how-to-make-80-000-per-month-o...)
Luckily I also get emailed whenever there's activity on the account.
Kid can't remember doing it, doesn't know how they did it, was upset at themselves.
Device is locked down even harder now - as a result of looking up all the myriad settings to stop scams getting through and credit card details removed from the account.
It should be hard to subscribe and easy to lock down. Not the opposite. The default should be "no spend". And this is from our heroes of privacy: Apple.
(Not Apple bashing here; entire industry bashing. They're all grossly immoral no matter how legal it all is)
I also don't remember it being very hard to lock down purchasing using parental controls in older versions of iOS, if you don't mind me asking which version of iOS was the kid running?
The device was / is setup using my account since I'm not ready to let them have their own account - whether it's a child account or otherwise. I don't use iDevices though, so there's no security compromise between what I want to be able to with the account and what restrictions I want on the kids.
I had specified a password was required for any purchase, and to my knowledge this was still the case when the incident occurred. The additional locking down was done via the (relatively new at the time) Screen Time restrictions, plus requiring a password for ANY app installs (free or paid).
My assumption (and that's all it is) is that because the trial was free, it was allowed without a password, where the "gotcha" is the auto-pay upon trial expiry. I also assume that this subscription process was started due to an in-game advertisement dark pattern that lead towards unknowningly signing-up.
(I will accept without argument some amount of blame on the "bad parent deserved it for not observing their kids' device activity" spectrum. Also if there are additional restrictions on children's accounts - but I have my own squeamishness about setting up account details for a minor)
Since the iPhone X with Face ID, you have to double tap the side button to authorize a purchase, so it's not so easy anymore.
Fortunately, you can get a refund within 14 days, no questions asked, by going to reportaproblem.apple.com and choosing "I would like to cancel this purchase".
If you're outside the EU or it's been longer than 14 days, you can try the "I would like to request a refund" option - you will be either refunded automatically or it will be sent to Apple support for review and they'll get back to you within 48 hours. I've actually had luck with refunding an app and an IAP even when someone manually reviewed it, but YMMV.
The only thing this user does is submit articles from secalerts.co, and almost all of them are blogspam.
So if you want to take $99/month from my CC I have to approve it, using a PIN, and say how many months I am happy for this to go on for. Basically what Paypal offers to terminate subscriptions should be at the card level for all transactions.
This will stop the whole class of "forget to unsubscribe" type scams.
In the meantime hopefully everyone hit will do a chargeback which would force Google to do something.
That would help, but it wouldn't completely stop the abuse. I recently decided to try out the VPS offerings at [a major cloud provider]. I paid for one month of a VPS with Paypal, quit using it before the end of the month, and didn't pay for another month. Unlike every respectable cloud provider I've ever used, they apparently wanted me to navigate their interface to figure out how to cancel the VPS and do that. Instead they kept it running for another two months (they say), and after one attempt to contact me by email (which I missed), turned my entire account over to collections, with all the mess that entails for me.
So even preventing recurring charges won't necessarily help if the companies move to claiming that you never canceled your subscription and then trying to bill you for it later, or sending your account to collections.
As far as I had understood it, if I don't pay, it SHOULD be suspended and deleted immidiately, NOT kept running and then the provider claiming I owe them for that service.
> As far as I had understood it, if I don't pay, it SHOULD be suspended and deleted immidiately, NOT kept running and then the provider claiming I owe them for that service.
With every VPS I've ever used, this is the case. The nice ones will send you a warning before shutting it down a few days later. I'll steer clear of online.net because of your warning.
But I've never, not even once, had someone try to pull a billing scam on me. I will never consider Hetzner for anything again.
To avoid it users have to uninstall and tell the developer. Since nobody reads and understand these fine prints, charging after the trial is ok, as it complies with Google rules.
No laundry here...
A lot of these games will charge $4.99 per WEEK for access to keep playing without ads, etc.
A lot of pc games cost much much less than that.
And while I am talking about the cost of games https://itch.io/ is a fantastic place for free and cheap and pay what you want games.
I've seen this happen to a very bright coworker of mine, it's all about taking advantage of human fear.
If that were the case then nobody would fall for the scam.
They are experts in scamming people, and the people they are calling are not experts in detecting scams.
It is important to encourage people to trust their Spidey sense, most people know something seems off when these calls come in. But we need not trash people for falling for scams.
Sorry, but if you're renting out your Chrysler 300C at $550/day and it's booked (not just unavailable) for weeks at a time...
... that's not legitimate. Someone is laundering money, there. The best bit is if you're coordinating it, you don't even lose access to the vehicle, because there's no verification that an exchange of property took place.
"Sign up for this site. I'll give you $5,000 to put in your bank account. You're going to 'rent' my car, except I won't actually give you my car. In exchange, I'll give you a discount on your drugs for the next six months."
Drug addicts in the throes of withdrawal, or 'savvier'? Absolutely would go for such "deals" like this. And really, it's probably fairly low risk - the worst that is likely to happen is that Turo disables your account.
Hmmm? Hopefully from an anti-laundering perspective, right?
you mean, to your fake identity??
The I Am Rich App was totally upfront about what you get. Namely: You pay 999$ for a red gem (as I recall) on your phone's display. There was nothing sneaky or underhanded about it.
Essentially it was an app for people who wanted to prove that they have money to blow, but coughed from smoking cigars, lighted with 100$ bills.
The idiocy of it was part of the concept, but the app was very upfront about what it does and what it costs.
This is different in that you get a crappy, redundant app, which is "free", but sneaks a very expensive subscription model of which you are not aware, which is not really mentioned (or if, then in very dark patterns) and of which it's very hard to get out.
The first is, arguably, an expensive piece of conceptual art (not on the phone, but on a meta level) the second model is outright fraud.
What's discussed here is very different.
The first thing I thought of here was YouTube charging me to play music with my phone locked in my pocket.
Should Google now tell app developers what to charge? That's ridiculous.
But Google and Apple ought to require clear disclosure of price and conditions. Also, free trials shouldn't transition to paid usage without explicit authorization.
I do understand that this is a common dark pattern. But common or not, it ought to be illegal. And these bullshit apps are perfect examples of why. So is the New York Times, but that's a different fight.
In contrast, this here is signing up for one year with an early cancellation full refund. All the while tricking you into thinking it were a free trial.
Of course, Google has an incentive to maximise total Play Store revenue, so their incentives don't line up with any individual developer. But I can definitely imagine a world in which almost everyone just allows Google to manage their pricing.
I think I've seen cases of apps being unpublished for new purchases (even free ones) but still available for downloads of existing users in both Google's and Apple's stores.