SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

START FREE TRIAL

The Impact of Fake Retail Apps Hitting the Apple App Store this Year


Last week, App Developer Magazine, in an article titled "The Impact of Fake Retail Apps Hitting the Apple App Store this Year" prominently features Contrast Security Co-founder and CTO Jeff Williams. The article discusses how counterfeiters have disguised apps as retail chains like Dollar Tree and Foot Locker, department stores like Nordstrom and even luxury brands like Jimmy Choo. 
Christian Hargrave, author of the article, interviewed Jeff. Below is an excerpt from the article:blog_apps111416.jpg

We spoke with Jeff Williams, Co-founder and CTO of application security company Contrast Security, who explained both the security and brand impact of the news.

“First, it’s important to note that Apple’s App Store deserves a lot of credit for creating an environment where the overwhelming majority of apps are safe to use and do not have either: 1) vulnerabilities that would allow an attacker to take over a device, or 2) capabilities that would allow the app creator to compromise device security. That’s not easy. Android and the Google Play store aren’t even close in comparison. 

So in a way, it’s a good sign that attackers have to resort to this roundabout method of attacking users. Yes, Apple should do a better job of ensuring that trademarks should only be used with authorization. However, think for a minute how hard that problem really is. Remember that many applications are written by third parties, consultants, and outsourcing organizations who are also responsible for submitting them to the App Store. How would Apple actually verify that the submitter actually owns that trademark? For the record, most trademarks aren’t global, they’re geographic and limited to a particular type of product. So it’s tough to make Apple the arbiter of all of that for 2.2 million apps in the store.

Instead, Apple has chosen to let the two parties involved (accuser and alleged infringer) work it out. They even facilitate contact between the two parties. This kind of thing can happen in the real world of course. Walmart might sell you Ozcar Meyer franks from their store. Or you might buy a Molex watch from Bloomingdales. But, the question is whether Walmart or Bloomingdales has a legal obligation to get involved in the trademark dispute. I hope they would, and I hope Apple figures out ways to make this kind of scam more difficult. But, I don’t blame them.”

Read the complete article online here >>

 

Christine Carrig, Director of Marketing

Christine Carrig, Director of Marketing

Christine’s wide breadth of marketing experience has been focused on driving revenue, building brand recognition, and creating demand-generation programs in technology organizations. For the past 11 years, her deep understanding of marketing principles, coupled with forward thinking, has been instrumental in transforming application security start-ups into successful, profitable companies.

SUBSCRIBE TO THE BLOG