What you need to know
- A six-year-old spent $16,000 on in-app purchases without his mother knowing.
- He was using her iPad in another room, which begs the question... how?
- I think I know how it went down – and despite what the boy's mother says, it isn't Apple's fault.
Ever since I wrote a story earlier today about a six-year-old who managed to spend $16,000 on in-app purchases, I've been trying to work out how it all went down. And I think I've cracked it.
For those unfamiliar, a quick rundown.
- A six-year-old was left with an iPad while his mother worked.
- He managed to spend more than $16,000 on in-app purchases. Rings in Sonic Forces, if you must know.
- His mother says it's Apple's fault and can't understand why it was allowed to happen.
Now, as is always the case with these stories, everyone is now playing that game where they like to think they're the best parent on the planet and that they'd never leave their kid with an iPad unattended. I'm here to tell you today that people do what they've got to do to get through the day sometimes and, especially in the middle of a pandemic, they've got to work. The kid's parent probably already feels pretty bad – they don't need you quarterback-parenting it.
But that doesn't mean that there isn't a cautionary tale here. But it isn't about kids and iPads as such. It's about disabling security features, either on purpose or by accident.
I've been trying to get my head around exactly what went on here for a few hours today. It didn't make sense because the App Store asks for your password when buying in-app purchases. Sure, you can tell it not to prompt for a password for 15 minutes after entering one. But can you disable it altogether?
You cannot (opens in new tab).
And it's that final sentence that, I think, explains what happened here. And as a parent, it's all pretty familiar.
- Parent needs a way to keep their child entertained.
- Parent has an iPad with Touch ID or Face ID enabled.
- Child's fingerprint or face gets added to the iPad so the parent doesn't have to unlock it for them.
- Sonic Forces offers up an in-app purchase, the App Store prompts for authentication, the kid's biometrics are registered, and hell breaks loose.
So who is at fault? It's a difficult one. It isn't Apple, because its security mechanisms were worked around by the kid's biometrics being added to the iPad. Once the keys to the kingdom are gone, you can lock the doors all you want – nothing's safe.
Realistically, it's the parent's fault but I can absolutely see how and why this happened. It's an unfortunate occurrence, but it happens. Maybe the kid should have been at school but wasn't because of the pandemic. Maybe the childminder was off sick. None of it really matters at this point. Someone's $16,000 in the hole for rings in a Sonic game. And that, perhaps, is the real issue here. These predatory in-app purchases need to stop, and soon.
Of course, it's also possible I've been misreading the tea leaves here and I'm way off. We'll probably never know.
Get the best of iMore in in your inbox, every day!
Oliver Haslam has written about Apple and the wider technology business for more than a decade with bylines on How-To Geek, PC Mag, iDownloadBlog, and many more. He has also been published in print for Macworld, including cover stories. At iMore, Oliver is involved in daily news coverage and, not being short of opinions, has been known to 'explain' those thoughts in more detail, too.
Having grown up using PCs and spending far too much money on graphics card and flashy RAM, Oliver switched to the Mac with a G5 iMac and hasn't looked back. Since then he's seen the growth of the smartphone world, backed by iPhone, and new product categories come and go. Current expertise includes iOS, macOS, streaming services, and pretty much anything that has a battery or plugs into a wall. Oliver also covers mobile gaming for iMore, with Apple Arcade a particular focus. He's been gaming since the Atari 2600 days and still struggles to comprehend the fact he can play console quality titles on his pocket computer.
This was going on for months. Apple sends an email for every single purchase. This woman was told about every single purchase and she ignored them. Did anyone ask how she has a credit card with a $16K credit limit and all of a sudden can't make her mortgage payment?
I think you are right. The facilities to stop this from happening are built in, available and most likely bypassed. I recall the numerous 'my kid bought a pony from Amazon, by asking Alexa' stories too. Voice purchasing is off by default, and when you turn it on, it allows for a PIN. If you turn it on and don't set a PIN, when Polly wants a cracker, Amazon ships you a box of crackers.
In this case, would have been cheaper to buy the kid his own iPad.
Here's a kid who isn't getting a car on his 16th birthday, what you wanna bet? Those gold rings at $100 a pop don't take months to accumulate that kind of money. She may very well have missed it, but what credit card doesn't check such transactions? And Apple should take pity on her and take away all the upgrades and ban the kid from ever having access to online games with in-app purchases again.
No, the “cautionary tale” is don’t create an Apple account and don’t have iPads or iPhones in a house with minor children. The App Store should have a limit on how much you can spend in a game in a short period of time.
To me, when you add a new face to the device, you shouldn't be "giving away the keys to the kingdom", it should ask, or allow you to create a separate profile without the other coming along with it. I think it's both Apples, and the parents fault in this case. Apple does send an email with each purchase, so the parents should have seen those and realized something was going on well before being $16k in the hole.
But how will apple profit like this if they do it your way?
It's obscene that it's even possible to spend $16k on a mobile app. The in-app purchases have ruined gaming. I remember how awesome Plants vs Zombies was when it came out. You spend $6.99 and have hours and hours of fun. When PvZ2 came out, just to get the plants you had in 1, you'd have to spend $ hundreds because it's virtually impossible to get them without paying. These kids are buying even the simplest games, like card games, that want hundreds to get to the next level. And as you go up levels, the need for money only increases. I remember when Amazon Fire tablets first came out. They practically gave them away, but they didn't have any parental control options to prevent kids from buying things for at least a year or two. I don't mind developers getting paid, and I think they should, but the fact that anyone can spend $16k shows how broken gaming is right now.
Shouldn't Apple take some blame? There's a difference between a free installation and a paid purchase-installation. It seems reasonable that someone would allow their kids to install free games but not want them to be able to spend their hard earned. Apple chose not to allow a distinction between the two. The parent is still involved, but I don't agree giving Apple a free pass is fair. We'll never know the real impact. How many low value purchases made by kids are there, I expect most people won't make the headlines and just cough up.
There are mechanisms in place to stop this. I'm not one to give apple a pass, this is just crappy parenting on the parents part.
My kids have their own iPads/devices and it is setup for each of them. Then I use Apple parental controls. ( under ID -> Family Sharing -> "Ask to buy") If they want to get something, even if it is free, I get a notification on my devices whether or not to allow it. If I allow it, they may continue. There are other controls under screen time that have way more functionality than just screen time.
The crux of the issue with me is that the mother is taking little or no responsibility for what happened, in spite of the safeguards in place to prevent this and the email alerts to let a customer know what they've purchased. (Alleged) willful ignorance is not an excuse. I don't believe Apple has any blame here, but another safeguard they could put in place is a spending cap that would require the customer to authorize monthly purchases in an e-mail link that go beyond (say) $500.
Thank you for signing up to iMore. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.