There are rip-off apps in the app store, enticing people in with a free trial period, which after a short period of time is automatically converted into an expensive subscription. Fees are still charged even after the app has been deleted – the term for this is “fleeceware”. What is fleeceware’s business model and how can you protect yourself against it? You can find out in this blog article.
Spyware, adware and malware are familiar terms, but what is fleeceware? Sophos researchers coined the term when they were investigating a group of apps which were charging users grossly inflated prices for simple applications. These apps lured people in with a trial period, which quickly turned into a paid subscription. The same or similar functions were often available in other apps at much lower prices, or even free of charge. Examples include a flashlight app costing 10 Swiss francs per week or a barcode scanner for 100 Swiss francs per month. Other examples are simple photo and video filters or editors. A list of fleeceware apps can be found here.
Fleeceware apps can be found in the official app stores. They are tricky to spot, as there is usually no malicious code in the app and the user is not asked for unnecessary permissions. In a nutshell, there is nothing resembling malware that could be intercepted by Google and Apple security checks. Technically, they do not breach the app store rules as they do not contain any overt malware, and they are not PUAs (Potentially Unwanted Applications). They fall into a grey area.
App stores give developers the option of making paid apps available to users free of charge for a trial period. The app can then be uninstalled if you don't like it. However, the guidelines specify that the user must first explicitly terminate the trial period. Just deleting the app is not sufficient to terminate the subscription. If this is not done, the app is considered to have been purchased once the trial period is over.
Fleeceware apps flagrantly exploit this situation in the app store terms and conditions. They attract people with a free trial period, which after a short time, usually three days, is automatically converted into a paid subscription. Additional traffic is generated by paid advertising, and the app reviews are often paid for. The terms and conditions are hidden in the small print or the app's terms of use. Virtually no one ever reads them, so many users only realise that they have entered into a subscription contract when it's too late. On top of that, many people don't understand that the trial period has to be terminated explicitly. They just assume that uninstalling the app cancels the subscription. In the meantime, the fees continue to accrue.
Fleeceware apps often flout the standards set by Google and Apple on how in-app purchases and subscription fees have to be presented within the store. For example, users are offered a trial period, but as soon as they open the app for the first time, they are asked to make a payment, or they have to log in and provide their payment information before they can run the app.
A few years ago there were even iOS fleeceware applications that abused Touch ID. Users were tricked into confirming something, while in the background a payment was approved. Since then, Apple has banned this kind of baiting. There is a new trend for fleeceware apps to switch from annual subscriptions to monthly or weekly fees so that the payments are confused with other app or streaming subscriptions.
If an expensive product can be tried out free of charge, it will attract a great many users. Fleeceware uses this fact to its advantage. What's more, there is a general reluctance to read general terms and conditions (GTCs) closely. So how should you protect yourself from fleeceware? The following tips should be borne in mind when installing apps:
Sooner or later, you are bound to come across a fleeceware app. Be suspicious of free trial periods and follow the tips above to avoid falling into the subscription trap. Then nothing will stand in the way of downloading.