Skip to content

Corporate developer certificates were also being used to distribute pirated apps

Reuters

Apple is doing a considerable clean up with its corporate certificates . Thanks to this feature developers can distribute apps without going through the App Store and without going through a software review. But many have been abusing this feature and using it for activities that are not allowed, such as distributing pirated apps.

Corporate developer certificates were also being used to distribute pirated apps
Corporate developer certificates were also being used to distribute pirated apps

After the misuse of Apple’s corporate certificates by Facebook and Google came to light, Apple began to take action. They were not the only ones misusing it, it was also recently discovered that dozens of gambling apps were taking advantage of this certificate as well. And there are even more, it seems that many developers were using this distribution method to submit pirate paid applications.

At AppleMore certificate abuse: Dozens of porn and game apps violate App Store content controls

Spotify or Minecraft cheaper and without advertising

According to Reuters, distributors of software such as TutuApp, Panda Help, AppValley and TweakBox gained access to Apple’s Enterprise Developer Certificate program and have been using it to distribute pirated and ad-free versions of Spotify, Pokemon Go, Minecraft and other popular applications. The business is round: they charge users an annual subscription and in return offer them paid apps and subscription services on a cheaper basis.

In Apple’s statement to Reuters:

This corporate certificate program was created with the idea of making it easier for large companies to distribute internal apps to their employees . But make the law, make the trap. These last weeks are coming out endless examples where the certificate is being misused by developers and third parties.

Two-factor authentication for developers

While Apple has been revoking these certificates on many occasions, developers who have abused them or violated App Store rules simply create a new developer account . One of the measures Apple has taken to deal with this is also to require two-factor authentication.

So from now on they will have a harder time creating multiple accounts . Will they complain that it now takes too long to login and sue Apple like some users in the US did?

Via