Several unscrupulous Android app developers are taking advantage of a loophole in Google's Play Store policies to overcharge users large sums of money for banal apps, such as calculators and barcode scanners.
These apps are taking advantage of app trial periods, which is an app monetization mechanism through which app developers can allow users to test a commercial app for free for a limited period of time.
If users don't like the app, they can uninstall it.
But according to the strict letter of the law (i.e. Play Store policies), users are supposed to first cancel the trial period, and only then uninstall the app.
However, most app developers don't apply these rules so strictly, and they usually interpret an app uninstall also as a trial period cancellation.
Nevertheless, some developers are not so good-hearted. If a user fails to cancel the trial period, they charge the user, even if they've uninstalled the app.
Most apps cost only a few bucks, so this is no big deal for many users, who often reinstall the apps and cancel any leftover subscription.
But in a report published today, security researchers from Sophos Labs said they found two-dozen apps that grossly overcharge their users when they fail to cancel the trial period.
Researchers said they've seen developers charge between $100 and $240 for the most basic set of apps, such as QR or barcode readers, calculators, tools to make animated GIFs, or photo editors.
In total, researchers said they found 24 apps engaging in this overcharging behavior. Of these, Sophos said that Google took down 14 when the company first reached out with an initial list of 15. They later send another list of nine apps that they found engaging in similar behavior. This second list is available below, and most apps are still available at the time of writing.
Searching through the reviews section of some of these apps, we found multiple users complaining about having been overcharged, even if they uninstalled the apps, showing that the technique helped app makers scam their way into some unearned payments.
"It's a business model that walks a fine ethical line, but it is apparently successful," said Jagadeesh Chandraiah, a mobile security analyst for Sophos Labs.
"With millions of installations, in some cases, if even a small percentage of users forget to cancel their subscription before the trial period lapses, app creators can make significant money."
While, technically, these apps aren't malware, it's good to see Google taking a stance and removing the ones with exorbitant pricing.
Check out the Sophos report for images and names of some of these scam apps.