iOS 17 Sideloading & Alternative App Stores: Preparing For Increased Brand Risk

In March 2024 (less than 30 days), Apple’s iOS 17.4 will for the first time ever allow iOS sideloading or the download of iOS apps from alternative app stores other than the Apple App Store. Whether you applaud the resulting expansion of consumer choice or not; one thing is for certain – this will affect your online brand protection program. 

Every day at Allure Security, we find rogue versions of our customers’ mobile apps and take them down at their request. We know a thing or two about unauthorized versions of mobile apps being published on third-party app marketplaces and how they affect a business’s risk profile. 

There will be more places online where individuals post unauthorized versions of your brand’s mobile apps. It’s also likely that with this change, consumers will become more comfortable downloading apps from places other than official marketplaces. 

What iOS 17 sideloading means for consumers and third-party app marketplaces

The EU has passed the Digital Markets Act (DMA) to increase market competition and innovation, which will require Apple to allow alternative app distribution and payment systems within the iOS ecosystem. The DMA comes into effect in March 2024.

On January 26 Apple released a beta version of iOS 17.4, which included adding changes to allow for sideloading. The EU expects Apple to comply with their new bill’s antitrust laws, but maintains that it will take enforcement actions should Apple try to somehow circumvent the new law.

While only in Europe come March, both Japan and the U.S Department of Justice have shown interest in similar changes.

How iOS 17 sideloading impacts online brand protection strategies

We help our customers reduce digital risk everyday and know third-party mobile app marketplaces’ impact on that risk. We have been following this iOS sideloading saga since rumblings began about a year ago.

App users becoming more comfortable downloading mobile apps from third-party marketplaces is not good or bad, but we can bet that more third party marketplaces will be popping up with Apple’s new changes.  We often find and remove impersonations of our customer’s brands on alternative app stores. In the past, this was more common on alternative Android stores, but now we expect to see the number of alternative iOS app stores rise. This will create more places for rogue, deceptive, malicious, and out-of-date mobile apps to reside.

Many technology companies have been waiting for Apple to loosen its grip on the iOS app market. For example, the Wall Street Journal reported that Meta is working on allowing app downloads directly through Facebook advertisements on Facebook. 

Considering the number of fake ads we discover and takedown on Meta’s Instagram, fraudsters will likely see this as an opportunity to impersonate brands and attempt to use social media advertising to trick consumers into visiting malicious alternative app marketplaces and or download malicious mobile apps. 

Brands will need to police every third-party app store to make sure problematic versions of their apps don’t pop up there unexpectedly. Even if brands decide to only make their app available via the official Apple app store, nothing stops fraudsters from uploading an unauthorized version onto third-party stores. 

It is absolutely imperative that brands looking to keep their customers safe take this expanding attack vector seriously in their online brand protection strategies.

Protecting your brand in proliferating alternative mobile app marketplaces

The shift toward a more open app ecosystem, highlighted by Apple’s upcoming iOS 17.4 update in Europe, broadens consumer choice but also increases the risks of brand impersonation. As third-party mobile app marketplaces proliferate, the urgency for brands to monitor and safeguard the use or misuse of their brands on these platforms becomes critical. 

This includes staying up to date on new third-party mobile app marketplaces and remaining vigilant in spotting unauthorized use of their brand or unauthorized/counterfeit versions of their mobile apps published on those app stores. Some estimates suggest the existence of hundreds of third-party app marketplaces, a figure likely to rise in March. The time to prepare for these changes is now, ensuring that your brand and customers are protected. 

The task of continuously monitoring hundreds of app stores for unauthorized or counterfeit versions of your mobile apps can swiftly become an overwhelming endeavor. Achieving sufficient visibility requires automation for continual surveillance. Developing such a system from scratch is no small feat, requiring significant resources and expertise.

Fortunately, specialized online brand protection services like Allure Security are ahead of the curve, employing advanced AI technologies to automate the continuous scanning of the most frequented third-party mobile app marketplaces for online brand impersonations. This ensures your brand and customers are protected against outdated, unauthorized, or deceptive mobile app versions, allowing you to focus on your core business activities with peace of mind.

WHAT YOU SHOULD DO NEXT

 

1. 1. Contact us if you’re concerned about how your brand can detect and respond to mobile app impersonations.

1. 1. Learn how fraudulent Google Ads are impersonating trusted brands like yours.

1. 1. Read our blog post about removing harmful brand impersonations from LinkedIn.