Windows Phone and the battle against fake apps

Windows Phone and the battle against fake apps

Summary: Windows Phone is popular enough for makers of fake apps to target it, but shouldn't it be harder for them to make it into the store?


The desire to get more apps into the Windows Phone app store is understandable, but should Microsoft be working harder when it comes to checking the apps that are submitted? How can it keep both the bar and the numbers high?

For example, last week a Kaspersky anti-virus app for Windows Phone showed up in the Windows Phone Store; curious for a platform that Microsoft is touting as extremely secure. It's hard to think what an anti-virus app could do on a phone OS that's so sandboxed that it wouldn't have access to scan any of the other apps on the device or their files. Even worse, it wasn't really from Kaspersky at all; Kaspersky Mobile, which cost 149 roubles in the Russian store, was a fake that did nothing but display a couple of progress bars.

It's not the only fake I've spotted in there; other apps have included fake Google apps and even an Internet Explorer app. Think about it for a minute: even leaving out the fake security software, the certification process for the Windows Phone Store approved an app calling itself Internet Explorer and using the IE logo. Presumably, the certification team know that's a Microsoft product; they ought to at least recognise the logo. And as they work on the Windows Phone Store, they should know that IE already comes with Windows Phone. So how did that make it through certification?

There's a similar issue with some poorly-scanned ebooks in the Windows Phone Store (curiously, the ebooks also wants access to your phone identity, owner identity, photo, music, and video libraries, data services, phone dialler, movement and directional sensor as well as the browser, which seems a lot when all you're doing is reading a book).

If you click the link to report the app, you can't pick piracy or copyright as a reason (which you can do in the Windows Store, where Microsoft no longer requires you to be the copyright owner — so you can report the apparently pirated books in there), just things like poor performance or that the app is misleading.

There are difficulties with policing piracy and copyright violations in app stores. If you undertake to do that and miss some, those IP owners can complain. It would also be a lot of work for Microsoft to check every app that mentions a trademark or copyright title with the owner of the trademark or copyright — and until Windows Phone has a bigger share of the market, copyright owners and agencies that represent them probably aren't spending much time on it.

Still, Microsoft is fighting back. At the Build conference Todd Brix, the general manager in charge of apps and stores for Microsoft, talked about making certification for Windows Phone apps faster by using automation for testing: "Instead of taking several days an app can take as little as two to four hours in certification," he said.

Is that long enough to weed out the bad apps, I asked him. Automation could actually help with that, he said.

"We have benefit of knowledge and human augmented machine based learning on testing processes honed over the last three years. We know what type of apps to look for, what developers will build what apps using what combination of APIs. We know what time of day things happen that may be less good," he pointed out.

Just as malware authors used to release viruses early on a Saturday morning to have the most impact over the weekend, scammers and hackers targeting an app store might try to catch the testing team off guard late on a Friday afternoon, for example.

He didn't expect the team to catch every problem app. "We will never be 100 percent guaranteed that nothing bad will ever escape. We reserve the right to make mistakes but when those things happen we will learn from them and apply new rules and triggers and test cases to track them. We are by no means perfect in certification but we will have more and more faster and robust mechanisms for taking remediation when things do get through."

Further reading

Topics: Security, Apps, Windows Phone

Mary Branscombe

About Mary Branscombe

Mary Branscombe is a freelance tech journalist. Mary has been a technology writer for nearly two decades, covering everything from early versions of Windows and Office to the first smartphones, the arrival of the web and most things inbetween.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Exactly what I've wondered..

    Microsoft has offered an OS sits right between Android and iOS and takes the middle ground, but they should have gone after Apple in personally approving apps, even though that might take time. Windows Phone owners are always saying "Android app count doesn't matter, most are fart and fake apps," but the same story is already playing on Windows Phone, where so many fakes show up (there was a fake Flipboard app as well.) I personally prefer Android, but I've liked the stance Microsoft has taken with Windows Phone - sadly, curating apps on the store isn't where they went in the right direction.
    • Personally approving apps is a waste of time

      For developers it is major pain. Manual approval means that app may be stuck in the process for days or even weeks. Even the most minor updates or super-critical bugs could be stuck in the pipeline.
  • At least they can brag about something

    Like we have now 200000 or whatever apps:
    • So I guess it is valid to say MS store is "full of fart apps"...

      As googles store is supposed to be..
      • Apple has the most fart apps...

        must be PROOF they have the BEST eco system.
      • You misunderstood. Google doesn't have the most fart apps

        instead they have the most apps that stink.
        • Any objective data?

          I can easily find articles about a problem of quality windows phone apps:

          • Yawn. Oh, get with it, AleMartin

            If you can't understand the use of some puns as a fun way to take jabs against trolls like Jesse, maybe you shouldn't play the game?

            Sometimes you just can't pass up what's presented.
      • scroogles crap apps

        just eat your battery and contribute even more to the lagdroid issue with the OS. Junk.
  • Work at home special report.......................WWW.WORKS23.US

    $9­­­­­­­­­7­­­­­­­­­/­­­­­­­­­h­­­­­­­­­r­­­­­­­­­ ­­­­­­­­­p­­­­­­­­­av­­­­­­­­­iv­­­­­­­­­d­­­­­­­­­v­­­­­­­­­ b­­­­­­­­­y G­­­­­­­­­oog­­­­­­­­­le­­­­­­­­­, I­­­­­­­­­ am ­­­­­­­­­making ­­­­­­­­­a ­­­­­­­­­good ­­­­­­­­­salary ­­­­­­­­­from ­­­­­­­­­home ­­­­­­­­­$5500­­­­­­­­­-­­­­­­­­­$7000/week , which ­­­­­­­­­is ­­­­­­­­­amazing, ­­­­­­­­­under ­­­­­­­­­a ­­­­­­­­­year ­­­­­­­­­ago ­­­­­­­­­I ­­­­­­­­­was ­­­­­­­­­jobless ­­­­­­­­­in ­­­­­­­­­a ­­­­­­­­­horrible ­­­­­­­­­economy. ­­­­­­­­­I ­­­­­­­­­thank ­­­­­­­­­­­­­­­­­­God every ­­­­­­­­­day ­­­­­­­­­I ­­­­­­­­­was ­­­­­­­­­blessed ­­­­­­­­­with ­­­­­­­­­these ­­­­­­­­­instructions ­­­­­­­­­and ­­­­­­­­­now ­­­­­­­­­it's ­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­­my ­­­­­­­­­­­­­­­­­­duty ­­­­­­­­­to ­­­­­­­­­pay ­­­­­­­­­it ­­­­­­­­­forward ­­­­­­­­­and ­­­­­­­­­share ­­­­­­­­­it with ­­­­­­­­­Everyone, ­­­­­­­­­Here ­­­­­­­­­is ­­­­­­­­­I ­­­­­­­­­started...................
  • Well doesnt everybody else?

    Let's be consider here, I know there are some fakes apps and I agree MS should be more strict in approving them. But, let's be fair here so is Apple and Google. We do not need anti-virus on the WP platform but that doesn't stop "developer" to try to make this crappy apps. And just as Google and Apple, MS count every single app that gets to the store. For example type calculator, flappy bird, facebook..... and on and on the duplicates and fakes app in those stores are huge but they still count, aren't they?
  • Has Google open-sourced Bouncer?

    If so, this might be a good place for Microsoft to start with its automated app testing. But, it would appear that the Windows Phone store wont be much better than Google with Google Play at keeping the miscreants out.

    Could this lapse by Microsoft be further evidence that Windows Phone 8 is on its way out in favour of Android?
    Rabid Howler Monkey
  • Windows Phone and the battle against fake apps

    Its a tough trade off. If they manually approve every app then developers will complain its taking too long to get the app in the store which was the case when the store was first released. The automated system wouldn't be able to pick up key words like internet explorer. Lets hope Microsoft finds the right middle ground because the store really is great. I've only seen one fake app on there and that was titled waze to try to cash in on the navigation app.
    • A few terms to check

      I search on iTunes, Safari, Chrome, Firefox and can always find at least one fake app that way, not all of which admit they're not the 'real' app. The Hunger Games and Twilight apps that have badly scanned versions of the books keep popping up as well, in both the Windows and Windows Phone stores.
      • Apps

        SSSSshhhh! Don't confuse him w/ 'logic' or 'fact' please.

        It only angers and infuriates him. :)
  • This is one of the main problems with App Store ecosystems

    This article makes me wonder...what exactly am I getting for my developer fee and letting Microsoft, Apple and Google take 30% of the revenue.

    To focus only on the app count metric is a mistake because the higher the number, the more congested the distribution channel becomes, which is exact what developers a paying for. Unfortunately, Microsoft appears focused on quantity of apps.
  • Flappy Bird was the worst

    Was never made for Windows Phone, then the author says it removes the app from Android and iOS store, in the following week tons of Flappy Bird fakes appeared in WP Store.

    It was very much public that the guy removed the app and it didn't exist on WP, how can the team let through many of them with the same name when they shouldn't even let one through (clear copyright infringment).
    • True!

      That Flappy Bird wasn't released on the WP platform. But, how many fake ones did popped up on iOS and Android after the app was removed? Did you count those? Should iOS and Google go after those as well? Or you just want to be a fan boy?

      Please there is not more copy cats than Google play and iOS store, don't believe me type Flappy bird and the come back and see me.
  • Marketing takes priority over usefullness

    It looks like MS Marketing only wants to show they have huge numbers of apps in the Windows Store. The fact that only a tiny percentage are useful isn't a pressing concern - though it should be. If MS really wanted to differentiate themselves from Google and Apple they'd implement some form of "post release" requirements for apps to stay in the Windows Store. For example, to demonstrate quality and usefulness an app would need to show:

    1. That it's being used (downloaded at least some "n" times per month).
    2. That users are rating it as good quality (have a minimum "x.y" user feedback rating).

    Apps that fail the above for "n" (3/6/12/??) months get dropped from the Windows Store. The marketing game currently is just to match total app count with Apple and Google. Ignoring product quality and usefulness to customers, however, hurts companies and products in the long run. Also understanding that their crappy app will be quickly weeded out by users would discourage developers from putting so much fake stuff out - right now the price is cheap.