updated 04:35 pm EST, Thu March 10, 2011
Apps exploited 15-minute password-free window
The new iOS 4.3 firmware implements a modification of Apple's in-app purchase policy, says Apple spokeswoman Trudy Muller. Previously, a 15-minute window existed after downloads in which subsequent in-app purchases could be made without having re-enter a password. This led to a number of highly-publicized incidents in which children racked up hundreds of dollars on their parents' credit cards.
Some apps are believed to have been exploiting the window by charging for game bonuses, at times without making it clear that real-world money was involved. Under iOS 4.3 though passwords must now be re-entered for any in-app purchase. Parental controls were already able to block in-app downloads, but because iOS doesn't support multiple user accounts, the feature may have been useless for parents letting their children borrow a handheld.
Apple and the App Store have come under increasing political fire in recent months. While the company may be able to dodge some FTC scrutiny by changing the password window, it is still facing an investigation over in-app subscriptions. Apple currently requires that any outside subscription payment option be matched by an in-app one costing the same or less, a policy that may violate antitrust laws.