Unauthorized App Store Purchases and the iTunes Store Support Experience

2024 Author: Malcolm Clapton | [email protected]. Last modified: 2023-12-17 03:44

Recently, I had an amazing story with unauthorized purchases, correspondence with iTunes Store support and a happy ending. Therefore, I would like to talk about how not to get into a similar situation and what to do if you are in my place. But first, a little background.

Sometime in late June, when I tried to update or download programs from the App Store, I received a message with the following content:

Activating the account at the specified address took only a couple of minutes, after which I successfully forgot about the problem, without even trying to find the cause of its occurrence, and continued working with the iOS app store as usual, but in vain. Looking ahead, I will add that such a blocking can happen automatically - after a certain number of incorrect attempts to enter the password from your Apple ID.

After that, exactly two weeks passed, and it was at the very moment when I did not have the Internet for two days, some bad person downloaded an application (a variation of poker) from the App Store on my behalf, and then made a purchase in the application of an object of incomprehensible purpose with the strange name "15M chips" for $ 20:

The attentive reader will undoubtedly ask the question, how simple was my password? The answer is: not so simple and it fit the requirements described below (once generated using pwgen). I am still at a loss to guess.

Along with the payment receipt, I received two more letters. They indicated that these purchases were made from a computer that was not previously associated with my Apple ID, and also suggested that I change my password as soon as possible:

I want to warn users: if you find yourself in a similar situation, do not download the application out of idle curiosity - this will be another confirmation of your innocence.

A special piquancy of the situation was given by the fact that I hate gambling, especially poker:-) An unpleasant moment, but the reasons for the June account blocking immediately became clear.

The range of opinions obtained from a cursory survey of friends was quite wide: some said that it was worth writing to the iTunes Store support service, and some said that Apple would not dress up for $ 20. As it turned out, it will.

At the entrance of the journey following the links "Report a problem" I was thrown to the contact form, where I filled in the appropriate fields, in the drop-down list "Specific request" I selected the item "I have unauthorized purchases on my account", indicated "Order number" (it is in the payment receipts) and did not forget to describe the details in detail.

Since I have an American Apple ID, I had to write the letter and communicate with the support service in English. So if you have problems with a foreign language, I recommend that you give it to someone else to read and correct before sending your letter.

Unfortunately, we did not receive a response to the first request within the promised 24 hours. They didn’t pay any attention to me on the second day, so I just reissued the application and after a few hours read the first letter from a very polite employee of the iTunes Store Customer Support named Ranjit.

To prevent attackers (whoever they were) from buying anything else, Ranzhit temporarily disabled the download option for my Apple ID and said that In-App Purchase without my consent is an exception to the rules for providing services in Apple stores and, therefore, I I can count on a refund, which should occur within 5-7 banking days (although everything went much faster). Also, the letter stated that I may not see the returned money until I log out and log into my account again.

There is one more nuance: the money was debited from Store Credit, which appears after replenishing the account with a Gift-card. And it is not known how the story would have ended if the refund had to be made to a credit card with my real address. I'm 99% sure that the account would simply be banned.

My Apple ID was not completely blocked: I could not download applications, but I entered my personal account without any problems. And to complete the full activation, Ranjit had to write another letter.

In it, it was necessary to indicate the billing address associated with the account, and one thing to choose from:

• Order number of the most recent purchase or free download (it can be viewed in iTunes - section "Most Recent Purchase").
• Or the name of some application that I have ever downloaded with this account.

The true owner of an Apple ID will have no difficulty in answering these questions. Also, I did not indicate my phone number, but if they want to talk to you live, it is worth saying that at the moment you are abroad and therefore you no longer use that number (in the USA, as far as I know, there is a practice to reuse old phone numbers) …

Finally, my assistant from the iTunes Store support service once again strongly advised me to change the password (which I had already done by that time) and gave a link to such an article (English) from the Apple knowledge base, which describes some tricks to ensure the security of your account records.

I will cite some interesting points from it. First, Apple recommends that you exit the iTunes / App / Mac App Store whenever you've finished shopping there. Secondly, when setting a password, the user can use the following recommendations:

• Do not use the same password for multiple accounts or a password that matches the account name.
• Do not use previous passwords.
• Do not tell anyone your Apple ID password and the answer to your secret question, not even your family members. Moreover, the answer to the secret question should be non-obvious, so that it would be more difficult to pick it up.
• Change your password from time to time to reduce the risk of falling into a situation similar to mine.

And the password itself must be at least 8 characters in length, contain at least one number, one uppercase, one lowercase letter (you can add some other sign to be sure, for example,

@ $ !

) and not contain three identical consecutive characters.

One way or another, in any situation, I recommend that you do not despair and do not do rash acts. Take time out, consult with more experienced people and the strategy will work out by itself. Apple's attitude towards customers is also indicative.