Apple publishes a new report explaining how allowing sideloading would expose iOS users to security risks

Apple today published a new report called ‘Building a Trusted Ecosystem for Millions of Apps’ that explains why allowing to distribute apps outside of the App Store through websites or third-party app stores would degrade the security of the iOS platform. 

Apple CEO Tim Cook had said last Wednesday that Android has 47 times more malvare than iOS does and that’s mainly due to how Android allows users to sideload apps very easily while iOS users are required to perform a lot more work. 

The report reemphasized this data and said “Sideloading would expose users to scammers who will exploit apps to mislead users, attack iPhone security features, and violate user privacy.” 

In the report, Apple explained how sideloading can violate user privacy and bypass parental controls, with different scenarios.

“It would also make it more difficult for users to rely on Ask to Buy, a parental control feature that allows parents to control their children’s app downloads and in-app purchases, and Screen Time, a feature to manage their and their children’s time with their devices. Scammers would have the opportunity to trick and mislead kids and parents by obfuscating the nature of their apps, making both features less effective.”

This isn’t the first time Apple has opposed the request for allowing third-party app stores. During the Apple vs. Epic Games antitrust trial where Epic requested Apple to open the iPhone to other app stores, Apple attorney Veronica Moye had said ‘’Anyone who wants third-party app stores “is free to go out and buy an Android device. The relief requested here is to force Apple to take a competing product off the market.”

“iPhone is used every day by over a billion people – for banking, to manage health data, and to take pictures of their families. This large user base would make an appealing and lucrative target for cybercriminals and scammers, and allowing sideloading would spur a flood of new investment into attacks on iPhone, well beyond the scale of attacks on other platforms like Mac.” the report said. 

In the report, the iPhone maker said that nearly one million problematic new apps and around one million updates were rejected or removed in 2020. The company also emphasized that 100,000 new apps and updates are reviewed every  week by a team of over 500 dedicated experts. 

In May, it announced that it prevented over $1.5 billion in ”potentially fraudulent transactions” in 2020 and rejected over 150,000 for being copycat and misleading. The company also said in the report that it expelled 470,000 teams from the Apple Developer Program for fraud-related reasons and deactivated 244 million customer accounts due to fraudulent and abusive activity, including fake reviews. 

If you want to learn more about Apple’s perspective on sideolading, you can read the full report here.