Within days of the May debut of James Vaughan’s 99¢ game, Plague Inc., on the Apple App Store, hackers made it available online for free. Up to 35 percent of the game’s downloads have been illegal, he says. “Piracy is a problem of success,” says Vaughan, whose game lets players infect a virtual world with pathogens. “I can’t be too angry about piracy.” Still, the game has gotten 1.6 million paid downloads, so had all the pirated downloads also been paid, the 25-year-old Londoner would have earned more than $500,000 more.
Long the scourge of the movie, music, and video game industries, pirates have turned their attention to apps, making a significant dent in mobile-app store sales, which researcher Yankee Group expects to generate $10.1 billion this year. There are lots of ways to steal an app; it usually involves copying its code and publishing it on an online forum or a legitimate app store. Sales would be 20 percent to 50 percent higher if it weren’t for piracy, says Carl Howe, a Yankee vice president. “The order of magnitude is tens of thousands to hundreds of thousands of dollars in losses per developer.”
Keith Kupferschmid, general counsel of the Software & Information Industry Association, says app piracy is different from other forms of entertainment piracy: “A lot of these apps are done by students. You get a lot of small businesses, regular individuals being hurt here,” he says. “The individual or a small company doesn’t have the resources to pursue piracy.”
In August, the Department of Justice seized the domain names of three websites—applanet.net, appbucket.net, and snappzmarket.com—that it said were distributing pirated apps for devices running Google’s Android software. Piracy is a particular problem on Android devices. Google’s “tools have been relatively ineffective because there are multiple Android stores, and Google can’t possibly control all the non-Google stores,” says Howe. The company declined to make someone available for comment.
Google, Apple, and others with legitimate app stores have been beefing up security. In June, Google began offering encryption keys along with paid apps, which are intended to verify that the app is being used on the device on which it was purchased and to prevent copying. Startups are also helping developers thwart thieves. Many game publishers pay for anti-tampering tools from Arxan Technologies, which says its software is used in 200 million devices and can alert developers if a hacker is trying to modify an app to steal it. “You basically have your own army of guards inside your application,” says Jukka Alanen, a vice president at Arxan. More than 1,000 developers use free tools from Boston-based Mtiks, which tell them how many of their downloads have been pirated. The tools also can prevent stolen apps from working or redirect their users to Apple’s App Store. About 30 percent of the 10 million app downloads Mtiks has analyzed are pirated, says Siva Subramanian, the company’s co-founder.
The majority of developers don’t use any antipiracy tools besides basic ones provided by the stores that sell their apps. “I don’t believe it’s worth it on the developer’s side if there is a risk of alienating legitimate customers with well-intended antipiracy measures that can easily go wrong,” says Erica Sadun, an author of books on mobile-app development. Some tools force consumers to go through extra verification steps, making apps more difficult to download and use. Many developers are switching from paid apps to the so-called freemium model, which, among other advantages, shows ads to users who paid for the app and those who downloaded it illegally. “We’re able to monetize people who pay and don’t pay,” says Mike DeLaet, a senior vice president at Glu Mobile, maker of Rogue Racing and other games.
Vaughan, the London developer, hopes to convert pirates into paying customers by luring them with new features and updates. He’s also been reaching out to self-identified pirates on Twitter. “I think the pirates justify what they are doing because they think they’re dealing with a large company,” Vaughan says. “When they find out it’s just one guy, many pirates apologize.”