Welcome to the WeChat subscription number of “Sina Technology”: techsina
Text / Li Huan
Source / Bento Finance (ID: daxiongfan)
Wang Xiaolin, a Beijing car owner who originally wanted to register for “Dida Travel”, was recently deceived by a skin-changing app called “Dida Shunfengche”.
At the beginning of August this year, she used the “tick ride” for the first time, and was forcibly charged a car owner certification fee of 9 yuan and 9 yuan. In the end, not only did the registration fail, but she also failed to get through to the customer service phone number of the other party.
When she posted her personal experience on the black cat complaint platform, she found out that she was not the only one who was deceived, and some users claimed that she was induced to buy a VIP membership of 588 yuan for two years.
Chen Peng, who purchased a VIP member of 588 yuan, said, “Apple and major Android malls have put on the ‘Tick Tick’, and from the logo and text as well as the application introduction, they all travel with porcelain tick.”
The so-called copycat apps, such as ticking, are the application software that seeks illegal profits by stealing the icons and names of genuine apps to infringe on the rights and interests of users.
The harm of the copycat App is no less than the Trojan horse virus.
Wang Yuan, a partner of Beijing Gaoqin Law Firm, told Ben Luan Finance that these copycat apps appearing in the inducement links are highly similar to the genuine apps. Once downloaded, it is easy to covertly and illegally collect users’ personal information, especially the address book and track, etc. In addition, Shanzhai Apps frequently pop up windows to prompt for prize redemption, deduction, etc., and then implement financial fraud.
As an application store for copycat software filters, although it has continuously improved its review capabilities in recent years, it is still difficult to avoid it becoming the hardest hit area for copycat software.
Last year alone, Apple’s App Store blocked 63,500 pirated apps. With the closed ecology and the more powerful App Store, the more open Android system is undoubtedly facing a more complex governance environment in the face of massive copycat software.
The Internet field has always been the hardest hit by the flood of fake apps.
When social e-commerce was surging in 2018, Pinduoduo became a star company involved in the “copycat whirlpool”, followed by a large number of copycat apps. They are only one word apart from Pinduoduo, such as “pingduoduo”, “pinduoduo”, “juduoduo” and so on. In the early operation, these unrecognizable names were enough to confuse user groups in remote areas, and the elderly population was a high-risk group of being deceived.
In addition to the name, Shanzhai App also imitates the business model. For example, a high-quality imitation software called Pinquduo tries to imitate social e-commerce, but the designed group purchase can be placed by a single person, and the “group purchase” function is useless.
The reason why imitation apps with tenacious vitality emerge in an endless stream is also related to the low technical threshold behind them.
Box Lunch Finance found that some technology companies will advertise on Zhihu, saying that they have short video App source code similar to Douyin; on station B, you can directly search for various development tutorials of “Douyin Kuaishou” .
The production of copycat software has already formed a secret and stable industrial chain in the black market.
For mature copycat software developers, a set of front-end frameworks can be made in a few days. The creation of servers, source codes, domain names, and service providers can be solved by online leasing.
Like a lending app on the Apple App Store, some black industry practitioners offer 5,500 yuan, which can achieve a 1:1 level of replication, but this does not include subsequent monthly operating fees and other expenses. If the software of some listed companies is counterfeited, the quotation is even as high as nearly 30,000 yuan, and it can be completed in 20 days.
If you want these counterfeit apps to be successfully launched on the Apple or Android app store, you only need to pay the corresponding fee after completion.
In the way of making money, Shanzhai App has also thought of many ways.
For example, a copycat software with a very low cost just bears a name and icon very similar to the original software, and can earn huge advertising fees by replacing the advertisers of the original software and collecting user privacy. User data complete scam.
There is even a type of fraudulent software that pursues “free subscription + subscription deduction” on the Apple App Store.
For example, an inconspicuous “PDF reader” was once the most downloaded app in the Mac App Store in the United States. This kind of small-scale app is extremely inductive. After the user installs and uses it, a series of deceptive buttons will pop up on the page, which can mislead users to subscribe in three or two steps. When the free trial period expires, ” Subscription” began to be deducted quietly.
In order to allow more users to see and subscribe, many copycat software often increase exposure by brushing downloads and comments.
At the end of February this year, software developer Kevin Archer (Kevin Archer) found that the “Authenticator-2 Factor App” software developed by himself was copied by a Russian software, “Authenticator-App”, whose name is very similar to the original version .
This copycat software requires users to evaluate it in the app store to increase the popularity of the software when it is used for the first time.
Moreover, Authenticator-App also adopts a “subscription system”. Once the user forgets to cancel the subscription, he will pay a subscription fee of $3.99 per week.
Countless copycat apps are hidden in many links and app stores of unknown origin. Under the heavy pressure of supervision every year, these dangerous software will be cleaned up and removed from the shelves in a centralized manner.
However, since the development technology of many apps is open source, it is easy for a copycat app to change places in the cyberspace.
This also directly caused the Android app store to become a “fertile ground” for copycat software.
Wang Yuan told Benban Finance that because of the openness of the Android system, “copycat” apps are likely to appear on Android-based mobile phones, and the supervision of “calling” and “removing” apps that illegally collect personal information is also mainly about App for Android.
According to data released by the Anti-Fraud Center of the Cyberspace Administration of China in 2022, 42,000 counterfeit apps were investigated and included in the national fraud-related black sample database.
More importantly, the number of fake apps will also increase with the popularity of genuine software.
Pei Zhiyong, the chief anti-fraud expert of 360, once introduced that when the number of genuine apps exceeds 50 million, there will be at least 700 kinds of knockoffs in the market, and there will be two or three behind apps with less than 100,000. Ten “pirates” follow.
The Apple App Store is also not foolproof when it comes to dealing with rampant copycat risky software.
In August 2014, Shanghai Lujiazui International Financial Assets Trading Market Co., Ltd. (hereinafter referred to as “Lufax”) discovered a fake version of Lufax’s official app hidden on the Apple App Store during daily security monitoring.
This pirated software has potential security risks and may mislead users. Lufax requested Apple to remove the potentially infringing apps, but did not receive a positive response from Apple. Three months later, Lufax directly submitted a lawsuit to the San Francisco District Court in Northern California, USA. shape.
In fact, the appearance of fake copycat software in the Apple Store is not new. For example, “Temple Jump” and “Plant vs. Zombie” that appeared in the past have imitated “Temple Run” and “Plants vs. Zombies” respectively.
It is still a difficult problem to completely manage the copycat App.
In the “Regulations on the Administration of Mobile Internet Application Information Services”, which will be implemented on August 1, 2022, the responsibility for personal information protection, content review, and data security of app stores has been strengthened.
In order to solve the problem of non-uniform App audit standards brought about by the openness of the Android system, the China Academy of Information and Communications Technology Taier Terminal Laboratory, which is affiliated to the Ministry of Industry and Information Technology, has specially developed a set of “App Signature Service System” to build a unified App certification and signature system. Improve the traceability of each link of the app, and promote the resolution of the counterfeiting problem of the app.
Up to now, Kuaishou, Kuaishou Express Edition, 360 Mobile Assistant, Huawei, Xiaomi, etc. have all connected to the “App Signature Service System”.
As long as the software’s App signature can stand the test, it proves that the app is reliable. In other words, the app signing service system solves the problem of app signing, allowing genuine apps to obtain a digital certificate that is difficult to forge.
It is not easy to obtain this certificate, so the entry threshold of Shanzhai App is naturally raised.
In the App Store, whether a software can be downloaded or not is decided by a team called App Review.
Initially, the review team consisted of only three reviewers who were responsible for reviewing the entire application. But remember, when the App Store launched in 2008, there were only 500 apps.
Around 2019, Apple’s app review team grew to more than 300 people, according to people familiar with the matter. By this time, the number of Apple applications had grown to more than 2 million.
For the App Store, which insists on manual review, this is a time-consuming project. The review team of hundreds of people is dealing with thousands of suspicious software, and the review resources will still be very tight.
According to CNBC, each Apple reviewer needs to complete 50 to 100 app reviews every day, and the review time for each app is generally only a few minutes.
There is a 40% chance of being rejected when an app is listed or updated on the Apple App Store. However, if there is a pixel-level imitation of genuine pirated software, coupled with the limited time for reviewers to review each software, many copycat software still slip through the net.
Wang Yuan told Ben Lun Finance that the large number of netizens in China, the wide variety of apps, and the lack of awareness among netizens are all the difficulties that counterfeit software will encounter in the governance. More importantly, App development costs are low and changes are fast, and many underlying technologies are open source. Even if it is removed from the shelves, it will soon be possible to “start anew”.
To truly play the role of the “gatekeeper” of copycat software, the app store still needs to solve more challenges.
This article is reproduced from: http://finance.sina.com.cn/tech/csj/2022-09-20/doc-imqmmtha8075114.shtml
This site is for inclusion only, and the copyright belongs to the original author.