FreshRSS

🔒
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Report: India may be next in line to mandate changes to Apple’s in-app payment rules

By Ingrid Lunden

Summer is still technically in session, but a snowball is slowly developing in the world of apps, and specifically the world of in-app payments. A report in Reuters today says that the Competition Commission of India, the country’s monopoly regulator, will soon be looking at an antitrust suit filed against Apple over how it mandates that app developers use Apple’s own in-app payment system — thereby giving Apple a cut of those payments — when publishers charge users for subscriptions and other items in their apps.

The suit, filed by an Indian non-profit called “Together We Fight Society”, said in a statement to Reuters that it was representing consumer and startup interests in its complaint.

The move would be the latest in what has become a string of challenges from national regulators against app store operators — specifically Apple but also others like Google and WeChat — over how they wield their positions to enforce market practices that critics have argued are anti-competitive. Other countries that have in recent weeks reached settlements, passed laws, or are about to introduce laws include Japan, South Korea, Australia, the U.S. and the European Union.

And in India specifically, the regulator is currently working through a similar investigation as it relates to in-app payments in Android apps, which Google mandates use its proprietary payment system. Google and Android dominate the Indian smartphone market, with the operating system active on 98% of the 520 million devices in use in the country as of the end of 2020.

It will be interesting to watch whether more countries wade in as a result of these developments. Ultimately, it could force app store operators, to avoid further and deeper regulatory scrutiny, to adopt new and more flexible universal policies.

In the meantime, we are seeing changes happen on a country-by-country basis.

Just yesterday, Apple reached a settlement in Japan that will let publishers of “reader” apps (those for using or consuming media like books and news, music, files in the cloud and more) to redirect users to external sites to provide alternatives to Apple’s proprietary in-app payment provision. Although it’s not as seamless as paying within the app, redirecting previously was typically not allowed, and in doing so the publishers can avoid Apple’s cut.

South Korean legislators earlier this week approved a measure that will make it illegal for Apple and Google to make a commission by forcing developers to use their proprietary payment systems.

And last week, Apple also made some movements in the U.S. around allowing alternative forms of payments, but relatively speaking the concessions were somewhat indirect: app publishers can refer to alternative, direct payment options in apps now, but not actually offer them. (Not yet at least.)

Some developers and consumers have been arguing for years that Apple’s strict policies should open up more. Apple however has long said in its defense that it mandates certain developer policies to build better overall user experiences, and for reasons of security. But, as app technology has evolved, and consumer habits have changed, critics believe that this position needs to be reconsidered.

One factor in Apple’s defense in India specifically might be the company’s position in the market. Android absolutely dominates India when it comes to smartphones and mobile services, with Apple actually a very small part of the ecosystem.

As of the end of 2020, it accounted for just 2% of the 520 million smartphones in use in the country, according to figures from Counterpoint Research quoted by Reuters. That figure had doubled in the last five years, but it’s a long way from a majority, or even significant minority.

The antitrust filing in India has yet to be filed formally, but Reuters notes that the wording leans on the fact that anti-competitive practices in payments systems make it less viable for many publishers to exist at all, since the economics simply do not add up:

“The existence of the 30% commission means that some app developers will never make it to the market,” Reuters noted from the filing. “This could also result in consumer harm.”

Reuters notes that the CCI will be reviewing the case in the coming weeks before deciding whether it should run a deeper investigation or dismiss it. It typically does not publish filings during this period.

Jolla hits profitability ahead of turning ten, eyes growth beyond mobile

By Natasha Lomas

A milestone for Jolla, the Finnish startup behind the Sailfish OS — which formed, almost a decade ago, when a band of Nokia staffers left to keep the torch burning for a mobile linux-based alternative to Google’s Android — today it’s announcing hitting profitability.

The mobile OS licensing startup describes 2020 as a “turning point” for the business — reporting revenues that grew 53% YoY, and EBITDA (which provides a snapshot of operational efficiency) standing at 34%.

It has a new iron in the fire too now — having recently started offering a new licensing product (called AppSupport for Linux Platforms) which, as the name suggests, can provide linux platforms with standalone compatibility with general Android applications — without a customer needing to licence the full Sailfish OS (the latter has of course baked in Android app compatibility since 2013).

Jolla says AppSupport has had some “strong” early interest from automotive companies looking for solutions to develop their in-case infotainment systems — as it offers a way for embedded Linux-compatible platform the capability to run Android apps without needing to opt for Google’s automotive offerings. And while plenty of car makers have opted for Android, there are still players Jolla could net for its ‘Google-free’ alternative.

Embedded linux systems also run in plenty of other places, too, so it’s hopeful of wider demand. The software could be used to enable an IoT device to run a particularly popular app, for example, as a value add for customers.

“Jolla is doing fine,” says CEO and co-founder Sami Pienimäki. “I’m happy to see the company turning profitable last year officially.

“In general it’s the overall maturity of the asset and the company that we start to have customers here and there — and it’s been honestly a while that we’ve been pushing this,” he goes, fleshing out the reasons behind the positive numbers with trademark understatement. “The company is turning ten years in October so it’s been a long journey. And because of that we’ve been steadily improving our efficiency and our revenue.

“Our revenue grew over 50% since 2019 to 2020 and we made €5.4M revenue. At the same time the cost base of the operation has stablized quite well so the sum of those resulted to nice profitability.”

While the consumer mobile OS market has — for years — been almost entirely sewn up by Google’s Android and Apple’s iOS, Jolla licenses its open source Sailfish OS to governments and business as an alternative platform they can shape to their needs — without requiring any involvement of Google.

Perhaps unsurprisingly, Russia was one of the early markets that tapped in.

The case for digital sovereignty in general — and an independent (non-US-based) mobile OS platform provider, specifically — has been strengthened in recent years as geopolitical tensions have played out via the medium of tech platforms; leading to, in some cases, infamous bans on foreign companies being able to access US-based technologies.

In a related development this summer, China’s Huawei launched its own Android alternative for smartphones, which it’s called HarmonyOS.

Pienimäki is welcoming of that specific development — couching it as a validation of the market in which Sailfish plays.

“I wouldn’t necessarily see Huawei coming out with the HarmonyOS value proposition and the technology as a competitor to us — I think it’s more proving the point that there is appetite in the market for something else than Android itself,” he says when we ask whether HarmonyOS risks eating Sailfish’s lunch.

“They are tapping into that market and we are tapping into that market. And I think both of our strategies and messages support each other very firmly.”

Jolla has been working on selling Sailfish into the Chinese market for several years — and that sought for business remains a work in progress at this stage. But, again, Pienimäki says Jolla doesn’t see Huawei’s move as any kind of blocker to its ambitions of licensing its Android alternative in the Far East.

“The way we see the Chinese market in general is that it’s been always open to healthy competition and there is always competing solutions — actually heavily competing solutions — in the Chinese market. And Huawei’s offering one and we are happy to offer Sailfish OS for this very big, challenging market as well.”

“We do have good relationships there and we are building a case together with our local partners also to access the China market,” he adds. “I think in general it’s also very good that big corporations like Huawei really recognize this opportunity in general — and this shapes the overall industry so that you don’t need to, by default, opt into Android always. There are other alternatives around.”

On AppSupport, Jolla says the automative sector is “actively looking for such solutions”, noting that the “digital cockpit is a key differentiator for car markers — and arguing that makes it a strategically important piece for them to own and control.

“There’s been a lot of, let’s say, positive vibes in that sector in the past few years — new comers on the block like Tesla have really shaken the industry so that the traditional vendors need to think differently about how and what kind of user experience they provide in the cockpit,” he suggests.

“That’s been heavily invested and rapidly developing in the past years but I’m going to emphasize that at the same time, with our limited resources, we’re just learning where the opportunities for this technology are. Automative seems to have a lot of appetite but then [we also see potential in] other sectors — IoT… heavy industry as well… we are openly exploring opportunities… but as we know automotive is very hot at the moment.”

“There is plenty of general linux OS base in the world for which we are offering a good additional piece of technology so that those operating solutions can actually also tap into — for example — selected applications. You can think of like running the likes of Spotify or Netflix or some communications solutions specific for a certain sector,” he goes on.

“Most of those applications are naturally available both for iOS and Android platforms. And those applications as they simply exist the capability to run those applications independently on top of a linux platform — that creates a lot of interest.”

In another development, Jolla is in the process of raising a new growth financing round — it’s targeting €20M — to support its push to market AppSupport and also to put towards further growing its Sailfish licensing business.

It sees growth potential for Sailfish in Europe, which remains the biggest market for licensing the mobile OS. Pienimäki also says it’s seeing “good development” in certain parts of Africa. Nor has it given up on its ambitions to crack into China.

The growth round was opened to investors in the summer and hasn’t yet closed — but Jolla is confident of nailing the raise.

“We are really turning a next chapter in the Jolla story so exploring to new emerging opportunities — that requires capital and that’s what are looking for. There’s plenty of money available these days, in the investor front, and we are seeing good traction there together with the investment bank with whom we are working,” says Pienimäki.

“There’s definitely an appetite for this and that will definitely put us in a better position to invest further — both to Sailfish OS and the AppSupport technology. And in particular to the go-to market operation — to make this technology available for more people out there in the market.”

 

This Week in Apps: OnlyFans bans sexual content, SharePlay delayed, TikTok questioned over biometric data collection

By Sarah Perez

Welcome back to This Week in Apps, the weekly TechCrunch series that recaps the latest in mobile OS news, mobile applications and the overall app economy.

The app industry continues to grow, with a record 218 billion downloads and $143 billion in global consumer spend in 2020. Consumers last year also spent 3.5 trillion minutes using apps on Android devices alone. And in the U.S., app usage surged ahead of the time spent watching live TV. Currently, the average American watches 3.7 hours of live TV per day, but now spends four hours per day on their mobile devices.

Apps aren’t just a way to pass idle hours — they’re also a big business. In 2019, mobile-first companies had a combined $544 billion valuation, 6.5x higher than those without a mobile focus. In 2020, investors poured $73 billion in capital into mobile companies — a figure that’s up 27% year-over-year.

This Week in Apps offers a way to keep up with this fast-moving industry in one place with the latest from the world of apps, including news, updates, startup fundings, mergers and acquisitions, and suggestions about new apps and games to try, too.

Do you want This Week in Apps in your inbox every Saturday? Sign up here: techcrunch.com/newsletters

Top Stories

OnlyFans to ban sexually explicit content

OnlyFans logo displayed on a phone screen and a website

(Photo Illustration by Jakub Porzycki/NurPhoto via Getty Images)

Creator platform OnlyFans is getting out of the porn business. The company announced this week it will begin to prohibit any “sexually explicit” content starting on October 1, 2021 — a decision it claimed would ensure the long-term sustainability of the platform. The news angered a number of impacted creators who weren’t notified ahead of time and who’ve come to rely on OnlyFans as their main source of income.

However, word is that OnlyFans was struggling to find outside investors, despite its sizable user base, due to the adult content it hosts. Some VC firms are prohibited from investing in adult content businesses, while others may be concerned over other matters — like how NSFW content could have limited interest from advertisers and brand partners. They may have also worried about OnlyFans’ ability to successfully restrict minors from using the app, in light of what appears to be soon-to-come increased regulations for online businesses. Plus, porn companies face a number of other issues, too. They have to continually ensure they’re not hosting illegal content like child sex abuse material, revenge porn or content from sex trafficking victims — the latter which has led to lawsuits at other large porn companies.

The news followed a big marketing push for OnlyFans’ porn-free (SFW) app, OFTV, which circulated alongside reports that the company was looking to raise funds at a $1 billion+ valuation. OnlyFans may not have technically needed the funding to operate its current business — it handled more than $2 billion in sales in 2020 and keeps 20%. Rather, the company may have seen there’s more opportunity to cater to the “SFW” creator community, now that it has big names like Bella Thorne, Cardi B, Tyga, Tyler Posey, Blac Chyna, Bhad Bhabie and others on board.

U.S. lawmakers demand info on TikTok’s plans for biometric data collection

The TikTok logo is seen on an iPhone 11 Pro max

The TikTok logo is seen on an iPhone 11 Pro max. Image Credits: Nur Photo/Getty Images

U.S. lawmakers are challenging TikTok on its plans to collect biometric data from its users. TechCrunch first reported on TikTok’s updated privacy policy in June, where the company gave itself permission to collect biometric data in the U.S., including users’ “faceprints and voiceprints.” When reached for comment, TikTok could not confirm what product developments necessitated the addition of biometric data to its list of disclosures about the information it automatically collects from users, but said it would ask for consent in the case such data collection practices began.

Earlier this month, Senators Amy Klobuchar (D-MN) and John Thune (R-SD) sent a letter to TikTok CEO Shou Zi Chew, which said they were “alarmed” by the change, and demanded to know what information TikTok will be collecting and what it plans to do with the data. This wouldn’t be the first time TikTok got in trouble for excessive data collection. Earlier this year, the company paid out $92 million to settle a class-action lawsuit that claimed TikTok had unlawfully collected users’ biometric data and shared it with third parties.

Weekly News

Platforms: Apple

Image Credits: Apple

  • ⭐ Apple told developers that some of the features it announced as coming in iOS 15 won’t be available at launch. This includes one of the highlights of the new OS, SharePlay, a feature that lets people share music, videos and their screen over FaceTime calls. Other features that will come in later releases include Wallet’s support for ID cards, the App Privacy report and others that have yet to make it to beta releases.
  • Apple walked back its controversial Safari changes with the iOS 15 beta 6 update. Apple’s original redesign had shown the address bar at the bottom of the screen, floating atop the page’s content. Now the tab bar will appear below the page’s content, offering access to its usual set of buttons as when it was at the top. Users can also turn off the bottom tab bar now and revert to the old, Single Tab option that puts the address bar back at the top as before.
  • In response to criticism over its new CSAM detection technology, Apple said the version of NeuralHash that was reverse-engineered by a developer, Asuhariet Ygvar, was a generic version, and not the complete version that will roll out later this year.
  • The Verge dug through over 800 documents from the Apple-Epic trial to find the best emails, which included dirt on a number of other companies like Netflix, Hulu, Sony, Google, Nintendo, Valve, Microsoft, Amazon and more. These offered details on things like Netflix’s secret arrangement to pay only 15% of revenue, how Microsoft also quietly offers a way for some companies to bypass its full cut, how Apple initially saw the Amazon Appstore as a threat and more.

Platforms: Google

  • A beta version of the Android Accessibility Suite app (12.0.0) which rolled out with the fourth Android beta release added something called “Camera Switches” to Switch Access, a toolset that lets you interact with your device without using the touchscreen. Camera Switches allows users to navigate their phone and use its features by making face gestures, like a smile, open mouth, raised eyebrows and more.
  • Google announced its Pixel 5a with 5G, the latest A-series Pixel phone, will arrive on August 27, offering IP67 water resistance, long-lasting Adaptive Battery, Pixel’s dual-camera system and more, for $449. The phone makes Google’s default Android experience available at a lower price point than the soon to arrive Pixel 6.
  • An unredacted complaint from the Apple-Epic trial revealed that Google had quietly paid developers hundreds of millions of dollars via a program known as “Project Hug,” (later “Apps and Games Velocity Program”) to keep their games on the Play Store. Epic alleges Google launched the program to keep developers from following its lead by moving their games outside the store.

Augmented Reality

  • Snap on Thursday announced it hired its first VP of Platform Partnerships to lead AR, Konstantinos Papamiltiadis (“KP”). The new exec will lead Snap’s efforts to onboard partners, including individual AR creators building via Lens Studio as well as large companies that incorporate Snapchat’s camera and AR technology (Camera Kit) into their apps. KP will join in September, and report to Ben Schwerin, SVP of Content and Partnerships.

Fintech

  • Crypto exchange Coinbase will enter the Japanese market through a new partnership with Japanese financial giant Mitsubishi UFJ Financial Group (MUFG). The company said it plans to launch other localized versions of its existing global services in the future.

Social

Image Credits: Facebook

  • Facebook launched a “test” of Facebook Reels in the U.S. on iOS and Android. The new feature brings the Reels experience to Facebook, allowing users to create and share short-form video content directly within the News Feed or within Facebook Groups. Instagram Reels creators can also now opt in to have their Reels featured on users’ News Feed. The company is heavily investing its its battle with TikTok, even pledging that some portion of its $1 billion creator fund will go toward Facebook Reels.
  • Twitter’s redesign of its website and app was met with a lot of backlash from users and accessibility experts alike. The company choices add more visual contrast between various elements and may have helped those with low vision. But for others, the contrast is causing strain and headaches. Experts believe accessibility isn’t a one-size fits all situation, and Twitter should have introduced tools that allowed people to adjust their settings to their own needs.
  • The pro-Trump Twitter alternative Gettr’s lack of moderation has allowed users to share child exploitation images, according to research from the Stanford Internet Observatory’s Cyber Policy Center.
  • Pinterest rolled out a new set of more inclusive search filters that allow people to find styles for different types of hair textures — like coily, curly, wavy, straight, as well as shaved or bald and protective styles. 

Photos

  • Photoshop for iPad gained new image correction tools, including the Healing Brush and Magic Wand, and added support for connecting an iPad to external monitors via HDMI or USB-C. The company also launched a Photoshop Beta program on the desktop.

Messaging

  • WhatsApp is being adopted by the Taliban to spread its message across Afghanistan, despite being on Facebook’s list of banned organizations. The company says it’s proactively removing Taliban content — but that may be difficult to do since WhatsApp’s E2E encryption means it can’t read people’s texts. This week, Facebook shut down a Taliban helpline in Kabul, which allowed civilians to report violence and looting, but some critics said this wasn’t actually helping local Afghans, as the group was now in effect governing the region.
  • WhatsApp is also testing a new feature that will show a large preview when sharing links, which some suspect may launch around the time when the app adds the ability to have the same account running on multiple devices.

Streaming & Entertainment

  • Netflix announced it’s adding spatial audio support on iPhone and iPad on iOS 14, joining other streamers like HBO Max, Disney+ and Peacock that have already pledged to support the new technology. The feature will be available to toggle on and off in the Control Center, when it arrives.
  • Blockchain-powered streaming music service Audius partnered with TikTok to allow artists to upload their songs using TikTok’s new SoundKit in just one click.
  • YouTube’s mobile app added new functionality that allows users to browse a video’s chapters, and jump into the chapter they want directly from the search page.
  • Spotify’s Anchor app now allows users in global markets to record “Music + Talk” podcasts, where users can combine spoken word recordings with any track from Spotify’s library of 70 million songs for a radio DJ-like experience.
  • Podcasters are complaining that Apple’s revamped Podcasts platform is not working well, reports The Verge. Podcasts Connect has been buggy, and sports a confusing interface that has led to serious user errors (like entire shows being archived). And listeners have complained about syncing problems and podcasts they already heard flooding their libraries.

Dating

  • Tinder announced a new feature that will allow users to voluntarily verify their identity on the platform, which will allow the company to cross-reference sex offender registry data. Previously, Tinder would only check this database when a user signed up for a paid subscription with a credit card.

Gaming

Image Source: The Pokémon Company

  • Pokémon Unite will come to iOS and Android on September 22, The Pokémon Company announced during a livestream this week. The strategic battle game first launched on Nintendo Switch in late July.
  • Developer Konami announced a new game, Castlevania: Grimoire of Souls, which will come exclusively to Apple Arcade. The game is described as a “full-fledged side-scrolling action game,” featuring a roster of iconic characters from the classic game series. The company last year released another version of Castelvania on the App Store and Google Play.
  • Dragon Ball Z: Dokkan Battle has now surpassed $3 billion in player spending since its 2015 debut, reported Sensor Tower. The game from Bandai Namco took 20 months to reach the figure after hitting the $2 billion milestone in 2019. The new landmark sees the game joining other top-grossers, including Clash Royale, Lineage M and others.
  • Sensor Tower’s mobile gaming advertising report revealed data on top ad networks in the mobile gaming market, and their market share. It also found puzzle games were among the top advertisers on gaming-focused networks like Chartboost, Unity, IronSource and Vungle. On less game-focused networks, mid-core games were top titles, like Call of Duty: Mobile and Top War. 

Image Credits: Sensor Tower

Health & Fitness

  • Apple is reportedly scaling back HealthHabit, an internal app for Apple employees that allowed them to track fitness goals, talk to clinicians and coaches at AC Wellness (a doctors’ group Apple works with) and manage hypertension. According to Insider, 50 employees had been tasked to work on the project.
  • Samsung launched a new product for Galaxy smartphones in partnership with healthcare nonprofit The Commons Project, that allows U.S. users to save a verifiable copy of their vaccination card in the Samsung Pay digital wallet.

Image Credits: Samsung

Adtech

Government & Policy

  • China cited 43 apps, including Tencent’s WeChat and an e-reader from Alibaba, for illegally transferring user data. The regulator said the apps had transferred users location data and contact list and harassed them with pop-up windows. The apps have until August 25 to make changes before being punished.

Security & Privacy

  • A VICE report reveals a fascinating story about a jailbreaking community member who had served as a double agent by spying for Apple’s security team. Andrey Shumeyko, whose online handles included JVHResearch and YRH04E, would advertise leaked apps, manuals and stolen devices on Twitter and Discord. He would then tell Apple things like which Apple employees were leaking confidential info, which reporters would talk to leakers, who sold stolen iPhone prototypes and more. Shumeyko decided to share his story because he felt Apple took advantage of him and didn’t compensate him for the work.

Funding and M&A

💰 South Korea’s GS Retail Co. Ltd will buy Delivery Hero’s food delivery app Yogiyo in a deal valued at 800 billion won ($685 million USD). Yogiyo is the second-largest food delivery app in South Korea, with a 25% market share.

💰 Gaming platform Roblox acquired a Discord rival, Guilded, which allows users to have text and voice conversations, organize communities around events and calendars and more. Deal terms were not disclosed. Guilded raised $10.2 million in venture funding. Roblox’s stock fell by 7% after the company reported earnings this week, after failing to meet Wall Street expectations.

💰 Travel app Hopper raised $175 million in a Series G round of funding led by GPI Capital, valuing the business at over $3.5 billion. The company raised a similar amount just last year, but is now benefiting from renewed growth in travel following COVID-19 vaccinations and lifting restrictions.

💰 Indian quiz app maker Zupee raised $30 million in a Series B round of funding led by Silicon Valley-based WestCap Group and Tomales Bay Capital. The round values the company at $500 million, up 5x from last year.

💰 Danggeun Market, the publisher of South Korea’s hyperlocal community app Karrot, raised $162 million in a Series D round of funding led by DST Global. The round values the business at $2.7 billion and will be used to help the company launch its own payments platform, Karrot Pay.

💰 Bangalore-based fintech app Smallcase raised $40 million in Series C funding round led by Faering Capital and Premji Invest, with participation from existing investors, as well as Amazon. The Robinhood-like app has over 3 million users who are transacting about $2.5 billion per year.

💰 Social listening app Earbuds raised $3 million in Series A funding led by Ecliptic Capital. Founded by NFL star Jason Fox, the app lets anyone share their favorite playlists, livestream music like a DJ or comment on others’ music picks.

💰 U.S. neobank app One raised $40 million in Series B funding led by Progressive Investment Company (the insurance giant’s investment arm), bringing its total raise to date to $66 million. The app offers all-in-one banking services and budgeting tools aimed at middle-income households who manage their finances on a weekly basis.

Public Markets

📈Indian travel booking app ixigo is looking to raise Rs 1,600 crore in its initial public offering, The Economic Times reported this week.

📉Trading app Robinhood disappointed in its first quarterly earnings as a publicly traded company, when it posted a net loss of $502 million, or $2.16 per share, larger than Wall Street forecasts. This overshadowed its beat on revenue ($565 million versus $521.8 million expected) and its more than doubling of MAUs to 21.3 million in Q2.  Also of note, the company said dogecoin made up 62% of its crypto revenue in Q2.

Downloads

Polycam (update)

Image Credits: Polycam

3D scanning software maker Polycam launched a new 3D capture tool, Photo Mode, that allows iPhone and iPad users to capture professional-quality 3D models with just an iPhone. While the app’s scanner before had required the use of the lidar sensor built into newer devices like the iPhone 12 Pro and iPad Pro models, the new Photo Mode feature uses just an iPhone’s camera. The resulting 3D assets are ready to use in a variety of applications, including 3D art, gaming, AR/VR and e-commerce. Data export is available in over a dozen file formats, including .obj, .gtlf, .usdz and others. The app is a free download on the App Store, with in-app purchases available.

Jiobit (update)

Jiobit, the tracking dongle acquired by family safety and communication app Life360, this week partnered with emergency response service Noonlight to offer Jiobit Protect, a premium add-on that offers Jiobit users access to an SOS Mode and Alert Button that work with the Jiobit mobile app. SOS Mode can be triggered by a child’s caregiver when they detect — through notifications from the Jiobit app — that a loved one may be in danger. They can then reach Noonlight’s dispatcher who can facilitate a call to 911 and provide the exact location of the person wearing the Jiobit device, as well as share other details, like allergies or special needs, for example.

Tweets

When your app redesign goes wrong…

Image Credits: Twitter.com

Prominent App Store critic Kosta Eleftheriou shut down his FlickType iOS app this week after too many frustrations with App Review. He cited rejections that incorrectly argued that his app required more access than it did — something he had successfully appealed and overturned years ago. Attempted follow-ups with Apple were ignored, he said. 

Image Credits: Twitter.com

Anyone have app ideas?

A new Senate bill would totally upend Apple and Google’s app store dominance

By Taylor Hatmaker

With two giants calling the shots and collecting whatever tolls they see fit, mobile software makers have long complained that app stores take an unfair cut of the cash that should be flowing directly to developers. Hearing those concerns, a group of senators introduced a new bill this week that, if passed, would greatly diminish Apple and Google’s ability to control app purchases in their operating systems and completely shake up the way that mobile software gets distributed.

The new bill, called the Open App Markets Act, would enshrine quite a few rights that could benefit app developers tired of handing 30% of their earnings to Apple and Google. The bill, embedded in full below, would require companies that control operating systems to allow third-party apps and app stores.

It would also prevent those companies from blocking developers from telling users about lower prices for their software that they might find outside of official app stores. Apple and Google would also be barred from leveraging “non-public” information collecting through their platforms to create competing apps.

“This legislation will tear down coercive anticompetitive walls in the app economy, giving consumers more choices and smaller startup tech companies a fighting chance,” said Senator Richard Blumenthal (D-CT), who introduced the bipartisan bill with Sen. Marsha Blackburn (R-TN), and Sen. Amy Klobuchar (D-MN). Klobuchar chairs the Senate’s antitrust subcommittee and Blackburn and Blumenthal are both subcommittee members.

Senator Blackburn called Apple and Google’s app store practices a “direct affront to a free and fair marketplace” and Sen. Klobuchar noted that their behavior raises “serious competition concerns.”

The bill draws on information collected earlier this year from that subcommittee’s hearing on app stores and competition. In the hearing, lawmakers heard from Apple and Google as well as Spotify, Tile and Match Group, three companies that argued their businesses have been negatively impacted by anti-competitive app store policies.

“… We urge Congress to swiftly pass the Open App Markets Act,” Spotify Chief Legal Officer Horacio Gutierrez said of the new bill. “Absent action, we can expect Apple and others to continue changing the rules in favor of their own services, and causing further harm to consumers, developers and the digital economy.”

The Coalition for App Fairness, a developer advocacy group, praised the bill for its potential to spur innovation in digital markets. “The bipartisan Open App Markets Act is a step towards holding big tech companies accountable for practices that stifle competition for developers in the U.S. and around the world,” CAF executive director Meghan DiMuzio said.

Hoping to head off future regulatory headaches, Apple dropped its own fees for companies that generate less than $1 million in App Store revenue from 30% to 15% last year. Google followed suit with its own gesture, dropping fees to 15% for the first $1 million in revenue a developer earns through the Play Store in a year. Some developers critical of the companies’ practices saw those changes as little more than a publicity stunt.

Developers have long complained about the high tolls they pay to distribute their software through the world’s two major mobile operating systems. That fight escalated over the last year when Epic Games circumvented Apple’s payments rules by allowing Fortnite players to pay Epic directly, setting off a legal fight that has huge implications for the mobile software world. Following a May trial, the verdict is expected later this year.

“This will make it easier for developers of all sizes to challenge these harmful practices and seek relief from retaliation, be it during litigation or simply because they dared speak up,” Epic Games VP of Public Policy Corie Wright said of the new bill.

Unlike Apple, Google does allow apps to be “sideloaded,” installed onto devices outside of the Google Play Store. But documents unsealed in Epic’s parallel case against Google revealed that the Play Store’s creator knows the sideloading process is a terrible experience for users — something the company brings up when pressuring developers to stick with its official app marketplace.

The counterargument here is that official app stores make apps safer and smoother for consumers. While Apple and Google extract heavy fees for selling mobile software through the App Store and the Google Play Store, the companies both argue that streamlining apps through those official channels protects people from malware and allows for prompt software updates to patch security concerns that could jeopardize user privacy.

“At Apple, our focus is on maintaining an App Store where people can have confidence that every app must meet our rigorous guidelines and their privacy and security is protected,” an Apple spokesperson told TechCrunch.

Adam Kovacevich, a former Google policy executive who leads the new tech-backed industry group Chamber of Progress, called the new bill “a finger in the eye” for Android and iPhone owners.

“I don’t see any consumers marching in Washington demanding that Congress make their smartphones dumber,” Kovacevich said. “And Congress has better things to do than intervene in a multi-million-dollar dispute between businesses.”

At least in Google’s case, the counterargument has its own counterargument. Android has long been notorious for malware, but apparently most of that malicious software isn’t making its way onto devices through sideloading — it’s walking through the Google Play Store’s front door.

 

FEMA just tested the US national emergency alert system

By Zack Whittaker

emergency alert

FEMA will test its national emergency alert system later this week. Image: Getty Images

Did you hear it? FEMA just ran its first nationwide test of the U.S. emergency alert system since the pandemic.

The Federal Emergency Management Agency, or FEMA, tested both the Emergency Alert System (EAS), which broadcasts an emergency tone and message on televisions and radios, and the Wireless Emergency Alerts (WEA), a newer system that sends emergency notifications to smartphones. This was the second nationwide test of the WEA after its debut in 2018, and the first test for all U.S. cell phones who chose to opt-in to receive test alerts.

The test began around 2:20 p.m. ET. If you opted-in to the test, you likely got a message on your phone that said: “This is a test of the National Wireless Emergency Alert System. No action is needed.” (The FCC explains how to opt-in to test alerts.)

For the first time, the WEA test sent the same test message in Spanish to phones that have Spanish set as the default language.

This is what the test WEA emergency alert looks like. Image Credits: WA Emergency Management (opens in a new window)

Since the last nationwide test in 2019, FEMA said it has improved WEA to send longer, detailed messages to the majority of phones that support it. The update also allows authorities to include tappable links, like web addresses.

FEMA runs these tests every year or two to ensure the system is working properly. It’s no small task: A national emergency alert system designed to broadcast the same message to potentially hundreds of millions of people at any given time is fraught with technological hurdles that require close co-operation from the cell carriers and broadcast networks.

The EAS system has been around since the late 1990s, but WEA was developed more recently as more Americans rely on their phones. WEA alerts, like EAS alerts, are designed to be sent by local and state authorities for public safety alerts, missing children and imminent threats, such as severe weather. More recently, FEMA rolled out “presidential alerts,” which are supposed to be sent to every phone in the U.S. in the event of a national emergency. Presidential alerts, unlike other alerts, can be issued by the sitting president for any reason, and Americans cannot opt out.

WEA broadcasts emergency notifications through the cell towers of an affected area — such as an area about to be hit by a storm — rather than sending tens of millions of text messages, which would grind the cell networks to a halt. The alerts are created by local, state or federal authorities and are authenticated by FEMA through the Integrated Public Alert & Warning System, or IPAWS, and then passed to cell carriers to deliver the emergency alert.

The emergency alert system, though, is far from perfect. In 2018, an erroneous alert sent to Hawaii residents warned of an imminent ballistic missile threat,” and that “this is not a drill.” Minutes later, the alert was canceled. The false warning came as tensions between the U.S. and North Korea were at an all-time high, during which Pyongyang was regularly test-firing rockets used for its nuclear weapons program.

Security experts have also long warned that the EAS systems pose security risks. Last year, researchers found dozens of internet-connected, special-purpose servers , used by television and radio stations to interrupt their broadcasts to relay an emergency alert, which they said could allow a hacker to break in and compromise the servers.

This tool tells you if NSO’s Pegasus spyware targeted your phone

By Zack Whittaker

Over the weekend, an international consortium of news outlets reported that several authoritarian governments — including Mexico, Morocco, and the United Arab Emirates — used spyware developed by NSO Group to hack into the phones of thousands of their most vocal critics, including journalists, activists, politicians and business executives.

A leaked list of 50,000 phone numbers of potential surveillance targets was obtained by Paris-based journalism non-profit Forbidden Stories and Amnesty International, and shared with the reporting consortium, including the Washington Post and The Guardian. Researchers analyzed the phones of dozens of victims to confirm they were targeted by the NSO’s Pegasus spyware, which can access all of the data on a person’s phone. The reports also confirm new details of the government customers themselves, which NSO Group closely guards. Hungary, a member of the European Union where privacy from surveillance is supposed to be a fundamental right for its 500 million residents, is named as an NSO customer.

The reporting shows for the first time how many individuals are likely targets of NSO’s intrusive device-level surveillance. Previous reporting had put the number of known victims in the hundreds or over a thousand.

NSO Group sharply rejected the claims. NSO has long said that it doesn’t know who its customers target, which it reiterated in a statement to TechCrunch on Monday.

Researchers at Amnesty, whose work was reviewed by the Citizen Lab at the University of Toronto, found that NSO can deliver Pegasus by sending a victim a link which when opened infects the phone, or silently and without any interaction at all through a “zero-click” exploit, which takes advantage of vulnerabilities in the iPhone’s software. Citizen Lab researcher Bill Marczak said in a tweet that NSO’s zero-clicks worked on iOS 14.6, which until today was the most up-to-date version.

Amnesty’s researchers showed their working by publishing meticulously detailed technical notes and a toolkit that they said may help others identify if their phones have been targeted by Pegasus.

The Mobile Verification Toolkit, or MVT, works on both iPhones and Android devices, but slightly differently. Amnesty said that more forensic traces were found on iPhones than Android devices, which makes it easier to detect on iPhones. MVT will let you take an entire iPhone backup (or a full system dump if you jailbreak your phone) and feed in for any indicators of compromise (IOCs) known to be used by NSO to deliver Pegasus, such as domain names used in NSO’s infrastructure that might be sent by text message or email. If you have an encrypted iPhone backup, you can also use MVT to decrypt your backup without having to make a whole new copy.

The Terminal output from the MVT toolkit, which scans iPhone and Android backup files for indicators of compromise. (Image: TechCrunch)

The toolkit works on the command line, so it’s not a refined and polished user experience and requires some basic knowledge of how to navigate the terminal. We got it working in about ten minutes, plus the time to create a fresh backup of an iPhone, which you will want to do if you want to check up to the hour. To get the toolkit ready to scan your phone for signs of Pegasus, you’ll need to feed in Amnesty’s IOCs, which it has on its GitHub page. Any time the indicators of compromise file updates, download and use an up-to-date copy.

Once you set off the process, the toolkit scans your iPhone backup file for any evidence of compromise. The process took about a minute or two to run and spit out several files in a folder with the results of the scan. If the toolkit finds a possible compromise, it will say so in the outputted files. In our case, we got one “detection,” which turned out to be a false positive and has been removed from the IOCs after we checked with the Amnesty researchers. A new scan using the updated IOCs returned no signs of compromise.

Given it’s more difficult to detect an Android infection, MVT takes a similar but simpler approach by scanning your Android device backup for text messages with links to domains known to be used by NSO. The toolkit also lets you scan for potentially malicious applications installed on your device.

The toolkit is — as command line tools go — relatively simple to use, though the project is open source so not before long surely someone will build a user interface for it. The project’s detailed documentation will help you — as it did us.

Read more:


You can send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using our SecureDrop. Learn more

❌