Apple warns allowing app sideloading would ‘cripple’ security measures

Allowing users to download apps onto their iPhone from unofficial sources outside of the Apple App Store would “cripple” privacy and security measures, the tech giant has claimed.

In a new report defending its so-called “walled garden” approach which only allows approved apps onto the App Store and therefore onto an iPhone, Apple said allowing apps from other sources and third-party app stores onto the device – a process known as sideloading – would “expose users to serious security risks”.

The publication of the document is the latest public defence of its own systems by the tech giant and follows a similar report in June which said loosening its App Store rules would compromise user privacy by exposing users to more data-hungry, unverified apps as well as malware from cybercriminals.

“If Apple were forced to support sideloading, more harmful apps would reach users because it would be easier for cybercriminals to target them – even if sideloading were limited to third-party app stores only,” the tech giant said in the new report.

“The large amount of malware and resulting security and privacy threats on third-party app stores shows that they do not have sufficient vetting procedures to check for apps containing known malware, apps violating user privacy, copycat apps, apps with illegal or objectionable content, and unsafe apps targeted at children.

“Users would now be responsible for determining whether sideloaded apps are safe, a very difficult task even for experts.”

The passionate defence of its processes comes as Apple continues to face scrutiny over the running of the App Store – the UK competition regulator and the EU are both currently investigating the tech giant over a number of concerns, including its terms and conditions for app developers, which have been criticised as anti-competitive and unfair.

Critics have argued that the walled garden approach effectively makes Apple a gatekeeper and gives the company – unfairly, they claim – the definitive say on if and how a developer can distribute their app and get it on to an iPhone.

In its new document, entitled Building a Trusted Ecosystem for Millions of Apps: A threat analysis of sideloading, Apple warns that malware and other security threats are much higher on platforms where sideloading is allowed.

It claimed that independent research had found devices running Google’s Android – which allows sideloading – had “between 15 to 47 times more malware infections than iPhone” over the past four years.

Apple iPhone
Apple said allowing apps from other sources and third-party app stores onto the device would ‘expose users to serious security risks’ (PA)

The document, which Apple has published on its website, also suggests that all users – even those who do not want to sideload apps – would still be placed at risk should the App Store be opened up to allow it.

It argued that cybercriminals could trick users into sideloading a malicious app by mimicking the appearance of the App Store or touting free or expanded features.

“By reviewing every app before it becomes available on the App Store to ensure it is free of malware and accurately represented to users, and by swiftly removing apps from the App Store if they are found to be harmful and limiting the spread of future variants, Apple protects the security of the ecosystem,” Apple says in the document.

“Sideloading, through either direct downloads or third-party app stores, would undermine Apple’s security and privacy protections, and is not in the best interest of users’ security and privacy.”