How to Avoid in-App Fingerprint Scams
It’s great when an app allows you to add extra security – like scanning your fingerprint or a depth map of your face – to access its contents. If someone ever gets your unlocked device (or finds out your PIN), it will be harder for them to access important apps like your banking apps if they don’t have your finger or face nearby.
What’s not so good is that rogue apps try to use your device’s security features to rob you. As Engadget recently reported, this is exactly what has been happening lately in some iOS apps. (We’re assuming it happens on Android too, since no platform is immune to those looking to make quick money by taking advantage of gullible users.)
How fingerprint scan scams work
Let’s take a look at the Fitness Balance iOS app, which has since been removed from the App Store. The app displays a pop-up screen asking you to “scan your fingerprint to view your personal calorie counter and diet.” A little countdown timer also starts for no reason.
A tiny alarm should go off in your head because this request sounds terribly suspicious (and grammatically incorrect – another sign that this “feature” may not be all that useful). The request itself is not a standard system prompt, which is red flag number two. And this countdown timer? This is probably not something you have ever encountered when asked to authenticate yourself with your fingerprint or face.
Click on the embedded video above and you will see exactly how the scam works. When your fingerprint is scanned, the app opens a checkout window for an in-app purchase. Since you are already pressing your finger on the smartphone’s reader, you approve the purchase – just $120. Ouch.
How to protect yourself from annoying app fraud
There will always be some new scam that you need to worry about. However, there are some general tips to keep in mind when using a new app to better protect yourself from questionable developers looking to make money fast.
If it looks or seems strange, don’t do it.
If you’ve used your smartphone for a reasonable amount of time, you should be used to its standard conventions: how you pay for apps or in-app purchases, what prompts look like when you use your device’s fingerprint- or face-recognition features, when or where apps (or your OS) ask you to use your finger or face to enter something, etc.
If an app offers a procedure that seems a little out of place – like keeping your finger on your smartphone’s fingerprint sensor for an extended period of time, when it’s usually just a quick tap – you should proceed with caution. The same is true if the app wants you to keep tapping in different ways to “register” your fingerprint, even if you’ve already done so on Android or iOS, or if the app doesn’t use system prompts when you need to authenticate.
Read. The. Reviews.
When you’re looking for new apps to try out, always read reviews. And don’t just read the reviews – think about what they say. If an app has 15 five-star reviews that look pretty generic, or worse, sound a little spammy, they are most likely not legitimate. This is not to say that you shouldn’t download the app, but you should be on the lookout to make sure you are actually getting the experience the app promises. Beware of bait-and-switch tactics, overpriced subscriptions, or the aforementioned issue of “getting sucked into a really expensive in-app purchase.”
In fact, you should be able to check an app’s in-app purchases on both the App Store and Google Play before downloading it. If an app offers an outrageously expensive one-time purchase in the form of an IAP and it doesn’t make a lot of sense – for example, a co-pay for additional content in a medical records app – you should be concerned.
Check your purchase history and ask for a refund for fraud
It’s easy to see when you’ve made app or in-app purchases on iOS or Android. You should also receive emails to your account’s primary email address when you spend money. Pay attention to them – or check your purchase history regularly – to make sure you don’t accidentally buy something you didn’t intend to.
If this happens, you can request a refund from Apple (via “Report a Problem” on any invoice) or Google (via your order history). Both companies must refund your purchases if you were clearly cheated in making them, provided that you explain your case. The sooner you ask for a refund, the better, so make sure you receive these emails when you buy an app or any in-app content.
Disable fingerprint or face authentication for purchases
If you really want to be safe, you can always enter a long and cumbersome password instead of using your finger or face to authenticate App Store or Google Play purchases (or apps you’ve downloaded). This will at least give you extra time to confirm that you really want to buy what the app wants you to buy.
You can turn off Face ID and Touch ID for purchases from the respective sections in the iOS Settings app. On Android, open the Settings menu in Google Play and look for the Fingerprint Authentication option.