Apple continues the cleanup of the apps being distributed through its developer certificate program. After taking down porn and illegal gambling apps, Apple is now taking down pirated version of popular apps that was being distributed through its enterprise certificate.
Software distributors like TutuApp, Panda Help, AppValley, and TweakBox managed to get access to Apple’s enterprise developer certificate program and have been using it to distribute pirated and ad-free versions of Spotify, Pokemon Go, Minecraft, and other popular apps. These distributors themselves charge users a yearly subscription fee and make money from users and then share ad-free and cracked versions of popular apps and games with them.
“Developers that abuse our enterprise certificates are in violation of the Apple Developer Enterprise Program Agreement and will have their certificates terminated, and if appropriate, they will be removed from our Developer Program completely,” an Apple spokesperson told Reuters. “We are continuously evaluating the cases of misuse and are prepared to take immediate action.”
Such actions violate the App Store guidelines but since these distributors were using Apple’s enterprise developer certificate to share these apps, such rules did not apply to them. Apple’s enterprise developer program is primarily meant for use by big enterprises to allow their employees to install in-house apps developed by them. Such apps will not have to adhere to the App Store guidelines which made them more powerful in nature. On the flip side, this also meant they could not be hosted on the App Store.
While Apple has been revoking the developer certificates of many such developers, they end up using another account to share pirated versions of popular apps. Apple is trying to combat this issue by making two-factor authentication compulsory for developer accounts which will help prevent certificate misuse.
Apple started cleaning up the apps shared by developers using their enterprise certificate after it was revealed that Facebook was using its certificate to share a Research app with the public that could track their online activity. Google was also caught doing the same which led to Apple temporarily revoking their certificates and blocking all their internal apps from working properly. Since then, Apple has also discovered that distributors have been using its enterprise certificate program to share illegal gambling and porn apps.