Introduced in 2013, Apple’s Touch ID has made lives just a little bit easier. Program your phone or iPad to recognize your fingerprint and you can quickly unlock your device or approve a purchase. The Touch ID uses sensors to identify your fingerprint, supposedly reading sub-epidermal skin layers to make a map out of your print. According to Apple, these maps are stored locally in a secure enclave, not in the Cloud, making it difficult to access the information externally. Unfortunately, while you might think your information is safe, scam apps have found a way to get around it.
The Problem with Apple’s Touch ID
Last weekend, Apple removed three health-related apps from the store. “Heart Rate Monitor,” “Fitness Balance” and “Calories Tracker” were reportedly abusing the Touch ID feature by deceiving users. They were able to charge those with their PayPal or credit card attached to their account over $100 in fees. Needless to say, users were not pleased. After reporting the apps to Apple, they took to Reddit to voice their displeasure.
The scam was accomplished by displaying a message inviting users to use their Touch ID for several features like a heart rate measurer or calorie tracker. Once users scanned their fingerprint for the seemingly legitimate features, the apps would show an in-app purchase popup and quickly scan the fingerprint again. This led to the apps charging users for a purchase they didn’t consciously approve.
Luckily, those with an iPhone X or later won’t run into this problem. The newer editions of the iPhone lack the home button and users are required to double-click the side button instead. For those deceived by these apps, it’s now a waiting game to see if they can get their money back.
Protect Yourself and Your Wallet
Apple responded quickly by removing the apps, the scam serves as a reminder to keep an eye on what applications you’re using. Since the apps were highly-rated, it’s difficult to discern whether the apps truly worked or if the reviews were faked by those involved in the scam. However, to protect yourself when downloading a new app, you should take the following precautions:
- Read more than just one review on the app you’re planning to download to ensure that it’s safe. Consider researching the app online as well.
- Remove your PayPal or credit card information so that the app can’t charge you through in-app purchases.
- Disable Touch ID for all purchases by going to Settings > Touch ID & Passcode and turning it off.
Before you sign your life (and money!) away with your fingerprint, take the time to read the fine print and know what you’re getting into. Scams are all too common nowadays and can occur in the most unexpected of places. It’s better to be cautious than to have an app sneak in charges you really don’t want to pay.