iOS 4.3 requires password for In-App Purchases | iLounge News


Apple has changed its policy on In-App Purchases in iOS 4.3, requiring users to re-enter their iTunes Store password in order to complete an In-App Purchase, according to The Washington Post. Previously, there was a 15-minute window after entering an iTunes Store password during which users would not be asked to re-enter it if they made another purchase. Problems with children running up massive bills via In-App Purchases were widely recognized late last year when the Associated Press ran a story highlighting the problem. The article singled out “The Smurfs’ Village” game by Capcom as one of the most egregious offenders, as it was openly aimed at children yet contained In-App Purchases priced as high as $60. The U.S. Federal Trade Commission (FTC) said last month that it would review the marketing and delivery of certain applications built around In-App Purchases; it is unclear whether such a review will still be necessary given Apple’s new policy change. [via Mac Rumors]

Is the 15 minute window still there for *other* classes of purchases?

What they need is to have it such that it requires re-entry of password for any transaction that costs money but otherwise lets you cache your password for the app store for as long as you want via options.

Me, I *always* want something that stops me spending money accidentally, but I really don’t need the iPod nanny making me re-enter my password every time I want to update an app.

Posted by Code Monkey on March 10, 2011 at 5:03 PM (CST)


I personally am glad to see this. I have two daughters with iPod Touches and they are linked to my iTunes account. We discussed not “buying” anything in their apps/games without coming to me first, but an added hurdle will not hurt in the least.

As for Code Monkey’s point, that would be a nice option to put in Settings somewhere. Allow the user to set a time limit (like that 15 minute window) or “Always Require iTunes Password When Purchasing Content”. I, and many others, would go the “Always” route while a good number of grown-up only users would open it up a bit.

Posted by Mitch on March 10, 2011 at 6:33 PM (CST)


To be clear, all Apple has done here is prevent password caching across different applications.  The 15-minute time period still applies to purchases made within the same application, so parents who buy their kids smurfberries better make sure they don’t let their kids at the device for another fifteen minutes.  Likewise, when buying an app in the “App Store” application, the password is cached for subsequent purchases (and updates) in the same way that it always has been, it’s just not cached for an IAP until a purchase is made within the specific app, presumably preventing kids from running for smurfberries immediately after their parents download the app for them.

What Apple actually needs to do is take a page from PayPal’s book and allow a four-digit PIN code to be optionally configured for on-device purchases instead of requiring the full password to be entered every time.  This would provide a usable balance between convenience, security, and preventing unintended purchases, and it wouldn’t be far less inconvenient to prompt a user for a four-digit PIN code on every transaction—both because such a code is shorter and because a numeric keypad has larger buttons that make an easier target.

For additional security, the ability to use a PIN code could easily be restricted only to devices that you’ve already confirmed are yours by either entering your full iTunes Store password initially to enable the PIN code feature, or using the authorization that is already passed on through iTunes.

Posted by Jesse Hollington on March 10, 2011 at 6:46 PM (CST)


@3 Disagree with you a bit on the 4 digit numeric PIN.  From what I recall in the article, or a similar article, some kids have memorized their parents’ iTunes PW.  A 4 digit PIN will be much easier for kids to figure out just by watching their parents do it.  Now I do realize that would be on the parents, but you know it doesn’t matter. Those that get the big bill, whether partially their fault or not, will complain.

I actually agree with Code Monkey on this issue. An option to set the length of time the PW lasts is good. They already have it for the lock on the device itself, which doesn’t have direct financial implications, why not for purchases?

Posted by Big Money Tony on March 11, 2011 at 12:00 PM (CST)


I wish iTunes would have sub-accounts.  You could make an account for your kids that is under your account.  Then the kids could have their ipod on their account but parents could still have control.  That way when birthdays come around you could give the kids an iTunes card and it goes on their account and little brother doesn’t spend it (or mom or dad).

Posted by Robert Truax on March 12, 2011 at 12:27 PM (CST)


@Big Money Tony (#4): The way I’d envision a PIN is something that you’d have to enable on a per-device basis (by entering your real password at least once on the device, for example), and would only work on those devices where you had specifically enabled it.  It’s not necessarily a solution for parents and kids specifically, but would certainly make it less necessary to cache the last-entered password at all since a PIN is much easier to deal with, even if you have to enter it each and every time you want to make a purchase.

Right now there are already a lot of users with insecure iTunes Store passwords as it’s too much of a nuisance to have to enter a long, complex password on an iOS device. Apple has tried to tighten this up by enforcing more complex password restrictions, to be fair, but these restrictions are still relatively basic (i.e., password has to have a number in it).  Unlike the normal iTunes Store password, a PIN would only be usable on the devices you had specifically enabled it on—an inherent form of two-factor authentication.

@Robert Truax (#5): This actually already exists in a way. There are no sub-accounts per se, but you can easily create a separate iTunes Store account for each of your kids and even set up iTunes to send them a regular allowance automatically from your main account if you want to give them a little bit of spending money regularly for music, apps or smurfberries :)  Alternatively, you can forego the whole allowance feature entirely and just use gift cards or send gift certificates whenever you want to top up the account.

You’d simply not have any credit number associated with the kids’ account(s) and they could then only spend whatever balance was already there, be it from a gift card/certificate or a regular allowance.  You can find some more info on how this all works in our Complete Guide to Using the iTunes Store.

Posted by Jesse Hollington on March 12, 2011 at 3:53 PM (CST)


@6: “It’s not necessarily a solution for parents and kids specifically, but would certainly make it less necessary to cache the last-entered password at all since a PIN is much easier to deal with, even if you have to enter it each and every time you want to make a purchase.”

The problem I see with this is simply the inherent lack of security. Any numeric pin, particularly one short enough to make things easier than the password, is, relatively speaking, easily broken. It may not grant full access to your account, but when there are $100+ DRM free box sets to be downloaded directly and then copied over via whatever iPod rescue program you choose, I don’t think it’s a very good idea. I’d just as soon stick to entering my password, it may not be as simple as a key-pad pin, but I know it’s unlikely anyone is going to crack it without considerable time and resources.

Much rather just see the option: free transaction, user definable cache period. fee transaction, enter your password every single time, no exceptions.

Posted by Code Monkey on March 14, 2011 at 9:17 AM (CDT)


I would envision the PIN as a two-factor authentication system where it could only be enabled on a specific, per-device basis (the “something you have” component). This could be done in any of several ways, although the most straightforward would be that you must turn it on under the “Store” settings and enter your “real” iTunes Store password to enable it. At that point, it would only be enabled on that device.  As an added security measure, the “real” iTunes Store password could still be required whenever the user changes their password.

As a result, this would only be an issue if you lose your iOS device, at which point the perpetrator would still have to try and guess your PIN. Between the various remote-wipe options, the ability to reset your password in your iTunes Store account from your computer, and the invalid password lockout features that are already present on the iOS side, it’s pretty unlikely that this would be a huge security concern.

While I agree that not prompting for a password at all for free items would be a good idea as well, the fact is that there are many times I do want to quickly download a small item on the go, and having to key in the full iTunes Store password can be a nuisance for that—granted I use a more secure iTunes Store password than most, but the point is that users should be using secure passwords.

In fact, Apple has begun to enforce this, making the on-device purchasing even more complicated.  iTunes passwords must now be at least eight characters in length, including one uppercase, one lowercase, and one number.  However, I believe Apple only enforces this when you voluntarily change your password, so many users still have insecure passwords that they’ve never bothered to change (a friend of mine, until very recently, had the letter “a” as their iTunes Store password because they found entering it on their iOS device all the time to be a nuisance).  The additional password requirements after changing her password have made her all but give up on ever buying anything on her device again, since the uppercase and number combination add extra finger gyrations to what should be a fairly quick and simple process.

As I’ve pointed out above, however, the current “solution” that’s been implemented thus far is still a non-solution in reality.  All it does is prevent kids from using the IAP system immediately after their parents download the app.  It doesn’t prevent recurring IAPs once something has been bought within the app, nor does it prevent the kids from downloading other apps within the same 15-minute interval.  In many ways, the advertising of this change is going to be a disservice to parents, as they’ll expect that it’s fixed, when it really only closes one very specific hole.

Posted by Jesse Hollington on March 14, 2011 at 10:04 AM (CDT)
