Path bills itself as a social network that cares about privacy. For a while it was also an App Store outlaw. When iPhone users downloaded it through Apple’s popular storefront, the software surreptitiously sent a user’s entire contacts list—including e-mail addresses, names, and phone numbers—to the company’s servers. That wasn’t just creepy, it was a violation of Apple’s rules. An engineer in Singapore revealed the transgression on his blog in February, and Path co-founder Dave Morin got hauled into Apple’s headquarters to be grilled by Chief Executive Officer Tim Cook and other executives, according to people familiar with the meeting but not authorized by Apple (AAPL) to discuss it. As the Path controversy unfolded, it became clear that several other popular apps uploaded contacts as well.
With the App Store’s debut in 2008, Apple revolutionized the way tech companies interact with their customers and third-party developers. Instead of the open-air sandbox typified by Microsoft’s (MSFT) Windows, where developers can create any programs they want and distribute them any way they please, Steve Jobs decided that Apple would have to OK every bit of code that reaches its customers. He effectively built a walled garden for Apple users. The explicit promise was, and still is, that in exchange for giving up some control, developers and consumers get a curated marketplace where the software is high-quality, free of bugs and malware, and unplagued by scams and marketing gimmicks.
But living up to those promises has become increasingly difficult as the App Store has expanded to include nearly 600,000 games, organizational tools, and other programs. Once criticized by app developers for long approval times and arbitrary rejections, Apple is now struggling with the opposite problem: letting through too many apps that violate the company’s own privacy rules or rip off trademarks. The company is also trying to swat down startups trying to manipulate the App Store, which has helped drive sales of more than 315 million iPhones, iPads, and iPod touches. Apple declined to comment for this story.
GTekna exemplifies Apple’s struggle. Run by Chang-Min Pak, a soft-spoken former Adobe Systems (ADBE) engineer who works out of his Palo Alto home, GTekna offers to get any app onto the list of the App Store’s most popular programs. This is beachfront real estate: About 63 percent of App Store downloads come from customers browsing Apple’s leader board, according to market researcher Nielsen (NLSN), and the top apps get about 100,000 downloads a day, says marketing firm Fiksu.
To get into this digital store window, Pak charges $9,000 to $13,000. “We are very good at pushing rankings in a short period of time,” he says. SGN, a game-maker led by Myspace.com co-founder Chris DeWolfe, and Seattle-based Big Fish Games are among the companies that have used the service. (Big Fish spokeswoman Susan Lusty says her company no longer does. SGN did not respond to requests for comment.) Pak says he made more than $2 million last year and used it to buy a house in Palo Alto and a Mercedes for his wife.
Munching on Girl Scout cookies in a coffee shop near Stanford University, Pak won’t go into much detail about how he does it. He says he buys ad space on 10 to 15 religious, sports, gaming, and other websites. Many of the ads exhort users to download an app in exchange for a chance to win a gift card or other prize. Chris Akhavan, a vice president at app marketing service Tapjoy, says he suspects Pak operates a ring of remote computers called “bots,” all programmed to download thousands of apps on command. GTekna “generates illegitimate downloads … from fake accounts,” he says.
Others speculate that Pak pays thousands of Chinese workers pennies to download apps all day. Pak denies those allegations. “Nobody knows what they were doing,” says Andrej Nabergoj, CEO of Iddiction, an app-promotion firm.
Apple on Feb. 6 announced a new policy banning developers who use services that promise high rankings. App Store downloads in the U.S. decreased 24 percent from January to February; they dropped 15 percent in the same period in 2011, according to researcher App Annie. A drop-off in downloads from rank manipulators such as GTekna could explain the performance difference. Pak says that even after the ban, he’s attracting new customers.
For Apple, monitoring the App Store is like playing Whac-A-Mole. It also changed its policies in 2011 to stop Tapjoy, which was manipulating the leader board by offering prizes to users, including game currency, in return for downloading apps developed by Tapjoy clients. In response to Apple’s policy switch, Tapjoy started directing app users to a website outside Apple’s control where it could continue paying incentives for downloads. In a separate incident in February, Apple ejected a batch of copycat apps it had previously approved. The apps had names that were slight variations of popular titles such as Angry Birds and Temple Run, meant to confuse people into buying the ersatz games.
The stakes here go beyond sales. If apps can skirt Apple’s rules in the name of profit, what’s to stop a hacker with malicious intent from doing the same? One former Apple manager who asked not to be named while discussing his ex-employer, said thousands of new apps are submitted every month, and each gets reviewed for only about 15 minutes. (Apps flagged for rejection get a second review by a committee.) “You still have a human factor, and people will always find ways to do things that someone else hasn’t considered or to game the system in their favor,” says Michael Gartenberg, a technology analyst with Gartner (IT).
Apple may be trying to get ahead of the problem. In February it paid about $50 million for startup Chomp, which makes a search engine to help smartphone and tablet owners discover new apps and could reduce users’ reliance on the leader board. Chomp’s analytics could also help Apple build a better algorithm for determining App Store popularity, says Tomer Kagan, CEO of rival app search company Quixey. Traditionally, the algorithm rewarded volume of downloads. By including more factors, such as how often a downloaded app gets used, the leader board might more accurately reflect popularity, says Craig Palli, a Fiksu vice president.
The sealed environment Jobs created means that Apple has less experience battling interlopers with not-so-nice intentions than companies like Google (GOOG) that have long dealt with efforts to manipulate search results. “It’s not part of their DNA,” says Tim O’Reilly of publisher O’Reilly Media. “As you get more and more stuff there, it becomes harder and harder to distinguish the good from the bad. I’m sure they will get there, but it’s clear they have a long way to go.”