Overview of Fraud in the Play Store

In Empello, Private. By Louise

In 2021, Google removed 151 apps from the Play Store following an investigation by an independent company.

These apps were downloaded more than 10 million times across 80 countries and carried premium-rate charges of up to $40 per month.

This is not an isolated incident and continues to this day.

Another company publicly reported 75 such apps in September 2022, and another reported a further 16 in October 2022.

Empello monitoring manually tests new apps in the Play Store on a daily basis, performing more than 1000 tests a month.

We test in more than 30 countries worldwide using our own test network.

We regularly encounter between 50 and 150 Play Store apps every month that initiate an auto subscription to a carrier-billed service in one or more countries in our test network.

Approximately 5 to 10% of our tests uncover a rogue app in the Play Store that bills customers without their consent or serves a misleading advertisement.

The vast majority of these auto subscriptions take place in markets or on carriers which have not implemented an anti-fraud solution such as Empello’s FraudStop.

Empello monitoring also identifies apps that attempt to perform an auto subscription but are unsuccessful in that particular market.

We know when a service is attempting to subscribe us, but the process does not complete because of anti-fraud measures present in that market. Unsuccessful auto subscriptions are typically blocked by an anti-fraud solution such as FraudStop.

However, an attempted auto subscription indicates that the app tested may well be auto subscribing in other markets which are unprotected and which we have not tested in.

An additional 5 to 10% of our in-app testing uncovers an app that attempts to subscribe the user but is blocked by an anti-fraud solution.

Therefore, the number of rogue apps we identify in the Play Store in any month can reach almost 20% of our testing.

Empello In-App Testing

Since November 2019, Empello has added a total of 2025 Play Store apps to our FraudStop blacklist to protect customers against being charged without consent (data correct as at 30 November 2022).

A typical auto subscription is shown below. After installing the app from the Play Store, we immediately received the OTP SMS and the welcome SMS for the subscription.

Furthermore, the customer does not have access to the content after making a purchase.

In-app testing takes time and patience. For each test the app needs to be installed on the test device, and we then need to wait for an auto subscription to take place; these do not necessarily happen immediately. Test devices can only host a finite number of apps, which requires us to constantly refresh the app portfolio on our test devices and to track which app is responsible for any non-compliant behaviour.
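The attribution problem described above, as an added illustration that is not Empello's code: correlate subscription-looking SMS (OTP, welcome) received by a test device with the apps installed on that device shortly before, and flag the case where several fresh installs make the responsible app ambiguous. The device names, package names, SMS texts and keyword patterns are all constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample data (not real test output): apps installed on test
# devices, and the SMS those devices received afterwards.
INSTALLS = [  # (device, package, install time)
    ("dev-01", "com.example.flashlightpro", "2022-11-30T09:00:00"),
    ("dev-02", "com.example.wallpapers", "2022-11-30T09:05:00"),
    ("dev-02", "com.example.cleaner", "2022-11-30T09:06:00"),
    ("dev-03", "com.example.notes", "2022-11-30T09:10:00"),
]
SMS = [  # (device, received time, sender, text)
    ("dev-01", "2022-11-30T09:00:41", "34781", "Your OTP is 483921"),
    ("dev-01", "2022-11-30T09:01:02", "34781", "Welcome! You are now subscribed to VideoClub, $9.99/week"),
    ("dev-02", "2022-11-30T09:07:30", "GAMES", "Welcome to Games Portal, your subscription is active"),
    ("dev-03", "2022-11-30T11:00:00", "+441234567", "Hi, lunch at 1?"),
]

# Assumed keyword heuristic for OTP / welcome messages; a real deployment
# would tune this per market and carrier.
SUBSCRIPTION_RE = re.compile(r"\b(otp|one[- ]time|pin|welcome|subscri)", re.I)
WINDOW = timedelta(minutes=30)  # how long after an install an SMS is attributed to it


def is_subscription_sms(text):
    """True if the message looks like an OTP or subscription welcome SMS."""
    return SUBSCRIPTION_RE.search(text) is not None


def attribute(installs, sms, window=WINDOW):
    """Link each subscription-looking SMS to the app(s) installed on the same
    device within `window` before it arrived. Returns {package: finding}."""
    findings = {}
    for device, ts, sender, text in sms:
        if not is_subscription_sms(text):
            continue
        received = datetime.fromisoformat(ts)
        candidates = [
            pkg for dev, pkg, its in installs
            if dev == device and timedelta(0) <= received - datetime.fromisoformat(its) <= window
        ]
        # More than one fresh install on the device: the SMS cannot be pinned
        # to a single app, so every candidate is flagged for retesting alone.
        status = "auto-subscription" if len(candidates) == 1 else "ambiguous"
        for pkg in candidates:
            f = findings.setdefault(pkg, {"status": status, "evidence": [], "co_installed": []})
            f["evidence"].append((ts, sender, text))
            f["co_installed"] = [c for c in candidates if c != pkg]
    return findings
```

Apps flagged "ambiguous" go back onto a device on their own so the subscription SMS can be attributed to one package before it is blacklisted.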

Sources:

https://www.forbes.com/sites/gordonkelly/2021/11/04/google-android-new-security-threat-millions-affected/?sh=36fb433b4deb

https://9to5mac.com/2022/09/26/app-store-ad-fraud-apps-scam/

https://arstechnica.com/information-technology/2022/10/google-play-apps-with-20m-downloads-depleted-batteries-and-network-bandwidth/