Top Stories, Compelling Insights, Accomplished Experts

InCyberDefenseTouch ID Scam a Threat to Health Apps and Other Users Marissa Bergen December 5, 2018
Get started on your cybersecurity degree at American Military University.

By Marissa Bergen 
Contributor, InCyberDefense

Touch ID is a convenient feature. It easily unlocks devices in a way that seems safe and secure. But recently, a handful of scam apps have emerged that make this convenient Apple feature not as safe or as secure as one would hope.

Apps disguised as health assistants encourage users to use a Touch ID to open a calorie tracker, heart rate measure or a similar seemingly legitimate function. However, once you scan your fingerprint to secure your personal data, instead of gaining access to these features, a popup appears charging you $90 to $120 to purchase the feature. At the same time the screen dims making it difficult to see the prompts. In some cases, even if you decline to use Touch ID, the app will still ask you for payment.

Not only do these bogus apps try to capture your personal information, they violate Apple’s App store guidelines by charging exorbitant fees. Apps that have been removed for this violation include Heart Rate Monitor, Fitness Balance app and Calorie Counter app.

Law enforcement Investigations are looking into whether these apps originated with separate developers or one person operating multiple accounts. However, it is known that it was duplicity not malware that was used to pull off the scam, which provides some insight into how we use Touch ID.

As soon as you put your finger on the home button on your iPhone, it starts scanning, ready to act quickly. Although these scams are a continuing threat to cybersecurity, there is some good news. Those who own an iPhone model X or later don’t have to worry about being caught up in the scam because that model iPhone doesn’t have a home button. Owners just double click the side button on those devices to gain access.

However, iPhone users with older models must still deal with the possibility of falling victim to this fraud. If you own an older model iPhone, the best thing you can do is stay vigilant and use only apps you fully trust.

Apple can also reduce the likelihood that this scam happening by reviewing apps more carefully and introducing some sort of extra confirmation mechanism to Touch ID. However, this would lead to its own share of frustrations and may not be worth the trouble because the Touch ID feature is being phased out.

In the meantime, we can only continue raising awareness to the fact that cyber thieves are everywhere and are not deterred by modern technology’s efforts to make the online world safer. Continue watching for apps that look suspicious and do your best to avoid them. That way, you won’t get ripped off by criminals who are ready to access your personal information.

About the Author

Marissa Bergen is a freelance writer from Brooklyn, New York. Passionate about everything from fashion to technology, her writing experience has increased her awareness of digital marketing, cybersecurity and the ever-expanding World Wide Web. She now lives in Los Angeles with her husband and two children. Google her to find out more about her writing and her other life as a bass player in her family band, The CheeseBergens.

Get started on your cybersecurity degree at American Military University.
View on InCyberDefense