Internal documents released as part of the Epic Games lawsuit reveal an Apple anti-fraud engineer suggesting that App Store checks were grossly inadequate.

Epic cited two particularly damning quotes from Eric Friedman, head of the company’s Fraud Engineering Algorithms and Risk unit, in internal documents …

The Financial Times reports.

The quotes were cited by Epic as more evidence that Apple was using app vetting as a pretext for taking its cut of app sales.

A senior Apple engineer compared the defences of its App Store against malicious actors to “bringing a plastic butter knife to a gunfight”, according to legal documents released on Thursday.

The anecdote, which was cited by Fortnite maker Epic Games ahead of a highstakes antitrust trial in California next month, was based on internal Apple documents quoting Eric Friedman, head of the company’s Fraud Engineering Algorithms and Risk (FEAR) unit.

In the papers, Friedman also likened Apple’s process of reviewing new apps for the App Store to “more like the pretty lady who greets you . . . at the Hawaiian airport than the drug-sniffing dog”. He added that Apple was ill-equipped to “deflect sophisticated attackers”.

The iPhone maker argues that its sole control of the iOS apps market is good for consumers because it vets all apps for safety, security, and functionality. Epic says this isn’t true as many broken, misleading, insecure, and scam apps make it through the app review process. Developer Kosta Eleftheriou has given examples of many of these over the past few months, including non-functional rip-offs of his own apps.

Just this week he pointed to a VPN app that claimed to be “recommended by Apple” on the basis of high App Store visibility brought about by a large number of fake reviews.

Eleftheriou began highlighting applications that were essentially non-functional ripoffs of FlickType. One of the most blatant ones was KeyWatch […] When users downloaded the app, the first screen was a blank interface with an “Unlock now” button. Tap the “Unlock now” button, and you’d be prompted with Apple’s buy screen to confirm an $8/week subscription for an app that was nonfunctional.

Apple anti-fraud protections encompass both automated checks and human verification, and it’s unclear whether Friedman is referencing only the former element, or the whole process. Either way, the fact that a senior Apple engineer tasked with preventing this type of thing considers the app review process to be grossly inadequate to the task certainly isn’t going to help the Cupertino company in the upcoming antitrust case.

Photo by Franck on Unsplash