Bug in iOS API allows developers to force users to give apps a good rating
The app will not open unless you give it five starsBy Cal Jeffrey 13 comments
Facepalm: What is the best way to make sure your app has a five-star rating? Make a killer app? Nope. Shady developers have discovered an iOS flaw that allows them to create apps that will not open unless the user gives it a five-star rating on the App Store.
Self-proclaimed "Professional AppStore critic" Kosta Eleftheriou spotted an app ("UPNP Xtreme") that uses this bug. He tweeted a demo video showing it in action (below).
The review: "This app forced me to give it a good rating before I could use it."--- Kosta Eleftheriou (@keleftheriou) May 25, 2021
You: "Pfff, no one's FORCING you!"
The app: 🤯 pic.twitter.com/R6ytFAguhU
Upon launch, it presents an App Store rating popup. However, users cannot cancel the dialog box, and it will not close until the user submits a five-star rating. He said this particular app has over 15 million downloads and has generated millions of dollars in revenue. He claims Apple allows bugs like this because of its 15- to 30-percent cut.
"This trick is EXTREMELY easy for any developer to do, and not limited to this app," Eleftheriou tweeted.
Eleftheriou claims that the popup isn't just a fake review prompt. It's the actual review API that Apple has available to developers but is programmed in such a way to exhibit this behavior. Guilherme Rambo, another app developer, broke down the code showing how it works (below).
It looks like the app is using the native review dialog, then observing windowDidBecomeVisible: for the container window that's rendered in-process, and putting something on top of that to prevent interactions other than five-star reviews. pic.twitter.com/wV3SMXehLu--- Guilherme Rambo (@_inside) May 26, 2021
This app is not the only scammy software Eleftheriou has uncovered. In the last several months, he has found numerous app scams that he claims have made millions of dollars in revenue. Eleftheriou has made it his mission to sniff out these types of apps because of his long-standing feud with the Cupertino tech giant over his Apple Watch keyboard FlickType.
The App Store initially rejected FlickType, and Eleftheriou went through a lengthy appeals process to finally get it accepted. He claims Apple denied FlickType because it had its own keyboard technology in the works and did not want a competing app. Even though the App Store finally approved FlickType, Eleftheriou filed an antitrust lawsuit against Apple earlier this year.
Editor's note: Before we could hit publish on this article, Apple had already removed UPNP Xtreme from the App Store.
Image credit: 9to5Mac