Google is right to be proud of how well it keeps the vast majority of malware and scams out of the Play Store, but there is one particular kind of misleading application that the company has trouble dealing with. So-called fleeceware apps overcharge customers for basic functionality but still deliver what they promise, which technically doesn't make them scams in Google's book. Some people end up with $300+ bills for an image search app that just redirects to Google Images, which is certainly not a genuine way of making money. Google has to step up its game to tackle these kinds of unethical apps.
What exactly is happening?
Security company Sophos already reported on Play Store fleeceware last year. Following that coverage, Google has cleared out a few apps, but these scams keep reappearing on the Play Store. A recent example has been brought to our attention by a tipster. It's an image search app called "Search by Image" that promises to let you reverse-search images on the web for a cool $200-or-more-a-year subscription. If you watch the app's advertisement on YouTube, you'll quickly notice it does just what Google Lens does, and Lens is a service preinstalled for free on all Android phones. Search by Image is nothing but a quick money grab aimed at uninformed people.
Google Lens is preinstalled on any modern Android phone and gives you Search by Image's feature set for free.
The developer has two other apps in their portfolio, a video compression service and an Instagram photo grid product. While all three have good ratings ranging from 4.1 to 4.5 stars, the top reviews are negative and warn of high subscription charges and scams. Some even say the apps routinely crash and don't work properly. We assume that the bulk of the positive reviews are fake.
There's another product that preys on people susceptible to the esoteric and supernatural. A palm reading/aging camera app called "Palm Secret" has amassed more than one million downloads and has been among the top apps in the Irish Play Store for a few weeks. Those who have downloaded it complain about annual or monthly Play Store subscriptions beyond $100 a year, and say that the app doesn't even function properly — whenever it tries to scan a hand, it crashes. (Let's not get started on how Palm Secret claims to read your future by scanning your hand.)
What the apps have in common is that they offer a short free trial (usually about three days) which turns into said paid subscriptions. They gamble on the gullibility of people who forget to cancel or don't know that they have to in the first place.
Google's current stance
Google currently has an anti-scam policy in place that these apps seem to be able to circumvent: "Developers must not mislead users about the apps they are selling nor about any in-app services, goods, content, or functionality offered for purchase." All of the products in question are careful to explain what features they offer, and for those we installed on our phones, the capabilities were indeed available.
The apps' listings also note that they include paid subscription content, as per the second part of Google's policy: "If your product description on Google Play refers to in-app features that may require a specific or additional charge, your description must clearly notify users that payment is required to access those features." On the surface, the apps adhere to the rules.
Making matters worse, Google makes it impossible for ripped-off customers to claim back their money when they miss the end of the free trial, emphasis mine:
If a user cancels a subscription purchased from an app on Google Play, our policy is that the user will not receive a refund for the current billing period, but will continue to receive their subscription content for the remainder of the current billing period, regardless of the cancellation date. The user's cancellation goes into effect after the current billing period has passed.
Google says that developers can offer less restrictive refund policies if they wish, but of course, scamming apps won't provide those. The rule plays into their hands.
What should Google do?
It's hard to pin down these kinds of apps because they're not outright malware, and they don't outright steal money from customers — when people sign up for these free trials, they can clearly see that they'll turn into expensive subscriptions later down the road, and they get the offered features in return. Google has to walk a fine line because many legitimate, useful apps also come with free trials that turn into paid subscriptions later on.
There are a few things that Google could do to make it harder for these apps to scam people. The Play Store could display a warning when you uninstall any app during a free trial, stating that you still have a subscription that you should cancel if you want to stop using the product altogether. Right now, you have to actively remember to head to your subscriptions and cancel the service during the free period — otherwise, you'll be charged and can't get a refund, and it's possible many people don't know this.
The company could also take user reports more seriously. If a critical number of people keep complaining about an app that charges way too much money for basic functionality, then maybe Google should start an investigation and consider removing the application, and reimburse the scammed customers by relaxing the cancellation rules.
A change of the policy could also help: Google could introduce a clause on overcharging, though it'd need to be careful about the exact wording — prescribing strict ceilings on what services are allowed to cost could stifle innovation, and developers should be able to charge as much for their legitimate, useful products as they deem necessary. A new regulation could make it more difficult to offer products in the "most expensive apps" mock genre, though whether anyone would really miss those is another question.
Overall, a few small tweaks could already go a long way, and while it would add more work on Google's part, the Play Store might become a much safer place.
- Ailín Ó'S