Security researchers at Sophos Labs have alerted Google to the presence of more than two dozen apps on the Play Store that are abusing a loophole in Google's policies that allow them to charge hefty fees to unsuspecting users. Here's how it works: Many apps offer a free and subscription-based service, and many of those allow users to try the full version of the app for a free trial period.
If they decide they don't want to pay for the full version, they can cancel their subscription before the free trial ends and avoid any fees.
According to the letter of the law of Google's policies though, canceling a free trial and uninstalling the app in question are two separate events. Most developers interpret an uninstall as a cancellation of the free trial, but not all. A few unsavory developers have decided that unless the user specifically cancels their free trial prior to uninstalling the app, they'll charge them anyway.
Charges can amount to hundreds of dollars
In many cases, the charges are modest. However, the worst abusers of this policy have hit unsuspecting users with charges amounting to hundreds of dollars for very simple apps like calculators, GIF creators or QR code readers.
Since being alerted to the issue, Google has removed more than half of the offending apps, but a few of them remain. Be sure you look closely at the terms of any app you install. The last thing you want is to be hit with a hefty fee for what amounts to a moderately useful app.
It should be noted that the apps in question can, in no way, be described as malware. They're perfectly innocent apps that developers have built excessive, even predatory fees into. Kudos to Google for taking a stand against the practice but we wish they had washed them all away. As it stands, there are still a few bad actors on the Play Store, so be mindful of that.
As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there!"
Meanwhile, check out this report
This free executive report may give you insights into how to build your business with safe IT environments: 10 Hidden IT Risks That Might Threaten Your Business and 1 Easy Way to Find Them
I am Denis Wilson, President and Principal Consultant for DWP Information Architects. I help professionals grow their business by building a foundation of rock-solid information solutions for smaller healthcare, insurance, financial, legal, and nonprofits firms in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance. I am also a published author and speaker, working extensively with a variety of organizations, as well as providing small business technology education programs through business and professional associations. This just in: I will be speaking regularly at California Lutheran University's Center for Nonprofit Leadership starting in September.
Contact me if you would like me to speak at your association.