【2012 Archives】

Some cracks012 Archivesbeginning to appear in Apple's "walled garden."

Apple pulled hundreds of junk apps from its store after the TheNew York Timesreported about the rise of knockoff shopping apps from Chinese companies that aim to trick users into thinking they were associated with brands such as Foot Locker and Nordstrom.

That so many counterfeit, even malicious, apps could even get into the App Store in the first place was once unthinkable. While Android has combatted bogus apps for years despite its own developer policy changes, Apple's App Store was always thought to be a safe place.

We now know that's not always true. Last year, malware was found in dozens of apps in the App Store (all of which were promptly removed by Apple). And the latest crop of fake apps, some of which may have been designed to steal personal information, prove it wasn't an isolated incident.

While it is tempting to lay the blame wholly at the feet of the unscrupulous developers behind the software, Apple also bears much of the responsibility for letting the apps slip into its store in the first place.

Apple has streamlined its app approval process dramatically, particularly in the last year. The result is that apps are approved much faster and with less individual scrutiny than before. Apple's reviewers are more focused on rooting out malware than checking for counterfeit apps, according to The New York Times. As a result, developers who previously may have waited days or even weeks for a single app to be approved now find their submissions take about a day.

Apple's Phil Schiller, who heads up worldwide marketing for the company, told John Gruber earlier this year that half of all submitted apps are approved within 24 hours while 90 percent are approved within 48 hours. Currently, the average wait time is around one day, according to App Review Times, a website that tracks review times based on anecdotal data from developers.

Schiller credited the shorter wait times to new internal measures like "staffing changes," as well as vague "policy changes," though he didn't elaborate on what those were. Gruber explains (emphasis our own):

One thing he emphasized, however, is that the rules for apps haven’t changed at all. If anything, Schiller claimed, with the new tooling at the disposal of reviewers, reviews are even better at identifying apps with quality problems than before. The impression I’m left with is that reviewers are now given more discretion to fast track apps from long-time trusted developers, once their binaries have passed Apple’s automated tests.

While it's impossible to judge Apple's automated process without further details about exactly how it works, what is clear is that it's not nearly as effective as it could be. Making approval times faster had the unintended consequence of letting knockoff and even malicious apps into the App Store, against the company's own policies. Even at relatively small rates -- Apple handles thousands of app submissions a day -- this should be unacceptable.

In a statement provided to Mashable, the company said it takes security "very seriously" and that it has "set up ways for customers and developers to flag fraudulent or suspicious apps, which we promptly investigate to ensure the App Store is safe and secure."

But relying on users and developers to police fraudulent apps places an unfair burden on developers to defend their apps and users to be savvy enough to spot fakes in the first place.

Faster approval times have undoubtedly been a positive improvement for most developers. It means app creators, the vast majority of whom have good intentions, can make changes and fix bugs faster. Users also benefit as they're less likely to experience problems and can get updates faster.

But, if Apple hopes to maintain its reputation for high quality, it needs to strike a better balance between keeping App Store approvals timely and paying more attention to what it approves in the first place. If it doesn't, the junk apps will just keep flooding in.