iOS app rating flaw: App won’t open without 5-star review

Bill Mount

An iOS app rating flaw lets developers create apps that cannot be opened until the user gives them a five-star review.

It’s the latest discovery by FlickType developer Kosta Eleftheriou, whose Twitter bio now describes him as “Professional AppStore critic.” Eleftheriou has indeed made a name for himself identifying high-profile scam apps that made it through app review, some of which have made millions of dollars for their developers …

He has even gone as far as filing a lawsuit against Apple, accusing the company of breaching its contract with developers by failing to properly police the store.

Eleftheriou spotted the latest flaw being exploited by the UPNP Xtreme app, posting a video demo to Twitter. As soon as you open the app, Apple’s review pop-up is triggered. However, the “Not now” button that would normally allow a user to dismiss the dialog appears non-functional (I assume it is simply relaunching the pop-up).

Not only that, but attempting to give the app anything less than five stars also prevents the user from dismissing the dialog. Only giving it a five-star review allows the app to be opened.

As with some of the earlier scam apps found by Eleftheriou, this is not an obscure one sitting in a dusty corner of the App Store.

This developer has more than 15M downloads and $MILLIONS in revenue.

Nor is the review pop-up a fake one, or dependent on some clever workaround.

This is the iOS system rating prompt, not a custom look-alike one.

The worst part? This trick is EXTREMELY easy for any developer to do, and not limited to this app.

Eleftheriou has previously pointed to the ease with which developers can buy fake reviews and ratings, but with this approach, a developer wouldn’t even need to pay for them.

A key element in Apple’s defense in the Epic Games case has been that its app review process keeps scam apps out of the store. Eleftheriou has persistently argued that this isn’t the case.

Apple also says they conduct a “robust” review process – yet this fraud takes place immediately upon launching the app. Even an automated check would have caught this! But with no competing app stores on iOS, Apple doesn’t care enough to improve their ways.

Apple would of course respond by saying that far more scam apps would make it into the App Store without the review process, recently noting that it stopped more than $1.5B in potentially fraudulent transactions last year. All the same, it’s certainly not a good look when an app like this can pass review.

Update: Some are questioning how Eleftheriou can be certain it’s the native dialog, and he has replied. We’ve also been able to verify it for ourselves.

Guilherme Rambo discovered why it only works on some screen sizes.
