Most smartphones come with free QR code-scanning software. But that hasn't stopped 'fleeceware' makers pedalling QR code reading apps, such as one with a 3-day trial then $41/month cost.
Most smartphones come with free QR code-scanning software. But that hasn't stopped 'fleeceware' makers pedalling QR code reading apps, such as one with a 3-day trial then $41/month cost.
Warnings are being sounded over increasingly aggressive "fleeceware" apps that flip onto outrageously priced weekly or monthly fees, charged to your credit card, once a free trial period expires.
Security software company Avast, a global leader in digital security and privacy says it has discovered more than 200 new fleeceware applications on the Apple App Store (listed here) and the Google PlayStore (here) as recently as March 23.
The apps have been downloaded approximately one billion times and accrued more than US$400 million ($538m) in revenue so far, Avast says, quoting figures from app market researcher Sensor Tower.
New Zealand ranks as the second most affected country after Australia with more than 2 million downloads of fleeceware apps, across iOS and Android, costing New Zealanders more than US$1.4m ($1.9m).
Avast says it reported the fleeceware applications to Apple and Google for review - but a spokesman for the seurity company said today that neither company had responded and that a majority of the apps it had flagged were still available on both companies' app stores.
The applications attract users with a promise of a free trial, with an unusually high subscription fee attached.
Once the trial is over, users are charged a recurring subscription fee - even if they deleted the app by that time - until they cancel the subscription in their device's app subscriptions settings.
Most freeware subs are in the US$4 to US$12 per week range, which adds up to US$208 to US$624 per year, but Avast also found one fortune-telling app that costs US$66 a week which is "a ludicrous US$3432 per year", Avast said.
These fleeceware applications are actively advertised on major social networks such as Facebook, Instagram, Snapchat and TikTok, Avast says.
"The fleeceware applications we've discovered consist predominantly of musical instrument apps, palm readers, image editors, camera filters, fortune tellers, QR code and PDF readers, and 'slime simulators'.
"While the applications generally fulfil their intended purpose, it is unlikely that a user would knowingly want to pay such a significant recurring fee for these applications, especially when there are cheaper or even free alternatives on the market," said Avast's threat analyst Jakub Vavra.
Hidden in the fine print
Apple and Google have rules for developers that cover fleeceware, says Martin Cocker, chief executive of the Crown-backed cybersafety agency Netsafe.
The Google Play Developer Policy Centre says developers "must not mislead users about any subscription services or content" and the Apple App store guidelines state the company "won't distribute apps and in-app purchase items that are clear rip-offs", the Netsafe boss notes.
Netsafe chief executive Martin Cocker: "It's also worth noting that legitimate free trial periods on software or apps is an effective marketing strategy."
"The problem is that the only difference between fleeceware and reasonable free trial offers is that fleeceware costs tend to be excessive or hidden and hard to cancel," Cocker says.
"This difference can be hard to detect, so it's important for consumers to know that some apps in the stores could be fleeceware."
Netsafe has the same advice as Avast for avoiding Fleeceware. That is:
• Ensure that your payment methods are locked behind a password or biometric check to prevent accidental subscriptions by children.
• Be suspicious of free trials of less than a week.
• Make sure you understand how much you will be charged and that the app is worth the recurring fee. Is there a lower-cost or even free alternative?
• Be sceptical of viral advertisements for apps. The advertisements for fleeceware are likely to have enticing messaging and images to attract users' attention. They likely do not reflect the actual functionality of the application.
• Read the small print. A closer look will likely reveal the true price of the app. Read the application's details carefully, paying close attention to the "in-app purchases" sections, and whether payments are automatically repeated.
'Freemium' is often legit
Lastly, Cocker says we shouldn't tar all "freemium" apps with the same brush.
"It's also worth noting that legitimate free trial periods on software or apps is an effective marketing strategy, and provides value to consumers who get to try products before they buy them," Cocker says.
• To check past purchases: App Store > Apple ID (upper-right corner) > Purchased
• To check past purchases (with payments): App Store > Apple ID (upper-right corner) > Apple ID (your name/email address) > Purchase History (Scroll down a bit)
• To check active subscriptions: App Store > Apple ID (upper-right corner) > Subscriptions
Android (the Google software that runs most other phones and tablets)
• To check past purchases (with payments): Play Store > Hamburger icon (upper-left corner) > Account > Purchase history
• To check active subscriptions : Play Store > Hamburger icon (upper-left corner) > Subscriptions
