Apple App Store Security ‘Like Bringing Butter Knife To Gunfight’

Matthew Broersma,
The Tap Economy Part 1: Screen Commerce

Apple senior engineer compared App Store security to ‘butter knife in a gunfight’, says Epic Games as companies square off for landmark antitrust case

A senior Apple engineer reportedly compared the company’s security protections in its App Store to “bringing a plastic butter knife to a gunfight” in newly released legal documents.

Epic Games cited the remark in filings ahead of an antitrust case set to begin in California next month, the Financial Times reported.

Ahead of the trial both companies were given access to internal documents from the other, and were able to use them to bolster their cases.

Apple’s internal documents cited critical remarks by Eric Friedman, head of the firm’s Fraud Engineering Algorithms and Risk (FEAR) unit.

apple app store‘Drug-sniffing dog’

Friedman also said Apple’s app review process for the App Store was “more like the pretty lady who greets you . . . at the Hawaiian airport than the drug-sniffing dog”.

Epic is suing Apple over its App Store policies, including a 30 percent commission levied on the revenues from most apps, saying they represent monopolistic tactics.

Apple claims the fees are proportionate and are necessary, in part, to fund its App Store security efforts.

Epic quoted Friedman in order to support its claim that the App Store’s defences are not up to scratch.

The company was kicked off the App Store after it introduced its own payment system into Fortnite, bypassing Apple’s required system.

‘Non-security issues’

In the new filings, it also argues that Apple has in the past removed apps from the App Store not only in order to benefit users, such as for security or privacy reasons, but also in order to protect its own business.

It asserts that Apple’s App Review process “does little to keep iOS devices secure,” while screening apps “primarily for non-security issues – including specifically for anti-competitive purposes”.

More specifically, Epic argues Apple’s requirement that developers use its own In-App Payment (IAP) system offers no security benefits, as Apple claims.

“There were no widespread or significant security issues regarding payment with the App Store prior to the introductions of IAP or the requirement that apps selling subscriptions use IAP rather than alternate payment solutions, nor evidence that IAP is far superior to third-party payment alternatives with respect to security,” Epic says in its filing.

For Apple’s part, it says the App Store doesn’t represent a monopoly because it’s part of a broad spectrum of options available to users and developers, including Google’s Android platform, websites and gaming platforms from the likes of Nintendo, Microsoft and Sony.

Payment dispute

It argues Epic introduced its own payment system primarily in an effort to avoid fees, in spite of earning $700 million (£510m) from Fortnite on the App Store in the two years before the game was removed.

It acknowledged the presence of malware on its platform but said the iPhone accounted for only 0.85 percent of malware infections, compared to 47.2 percent for Android and 35.8 percent for Windows.

Apple said it rejects about 40 percent of all app submissions, and has a “robust” screening process in place operated by nearly 500 staff. Furthermore, the 30 percent rate is industry-standard, according to Apple.

The case is set to begin on 3 May in Oakland, California.