Google Sued Over Children's In-App Android Purchases

← Back to Stories (view on slashdot.org)

Google Sued Over Children's In-App Android Purchases

Posted by samzenpus on Wednesday March 12, 2014 @09:24PM from the won't-somebody-please-think-of-the-children? dept.

jfruh writes "Android apps sold through the Google Play app store require the user to enter their username and password before making an in-app purchase — but once they've done that, they can continue to do so for half an hour without re-authenticating. Now a lawsuit is claiming this loophole allows children to run up in-app purchases on their parents' credit cards, 'causing Google to pocket millions of dollars.'"

15 of 321 comments (clear)

Min score:

Reason:

Sort:

Please.... by Apotekaren · 2014-03-12 21:30 · Score: 5, Funny

For once, won't someone think of the PARENTS?

--
She: Hey, are you a traitor? Me: No, I'm atheist.
1. Re:Please.... by Travis+Mansbridge · 2014-03-12 21:50 · Score: 5, Insightful
  
  "Hey mom/dad, enter your password"
  
  A: "Sure"
  B: "Why?"
  
  Which sounds more responsible?
2. Re:Please.... by richy+freeway · 2014-03-12 21:54 · Score: 4, Insightful
  
  The point is that after they have entered their password, the child has 30 minutes of unfettered purchasing power and there is NO warning of this at all.
3. Re:Please.... by KingOfBLASH · 2014-03-12 21:56 · Score: 4, Insightful
  
  No, Google designed a system that would be a compromise between security and usability since some people would obviously go bat shit if they had to enter their password every time.
  That a parent gave this to their child and did not properly supervise them is the parents fault.
  Although it would indeed be nice if the parents could indeed have a better monitoring service for kids phones.
4. Re:Please.... by Cenan · 2014-03-12 22:52 · Score: 5, Insightful
  
  Kids are not supposed to know the full range of consequences of their actions, that is why we call them children and treat them in a certain way.
  First of all, the in-app purchasing is specifically designed to not warn you when a purchase is made, and to make the purchases as subtle as possible. Even if that were not the case, you'd have to buy the app or whatever and wait 30 minutes before handing the device back to your child to be safe, yet there is currently no indication that the timer is even running or when it expires - not one that is easily accessible. And the mere fact that Google expects you to sit around with your device for 30 minutes, waiting for a timer to expire is unreasonable in the extreme.
  This is absolutely a tech issue, as well as an ethics issue. Google likes the easy money, and their responses to parents who have complained about it have been less than stellar. Google is in a position to both build and destroy trust in consumer computing, on behalf of not only themselves, but everyone who develops for their devices and similar devices. The position Google has taken on this issue is the money-grab-and-run short term approach, and they've been pointing at the app developers for the fix. This is unreasonable, and doesn't actually fix the broken eco-system that is Android apps. The good guys will continue to be the good guys and you're giving a free pass to the rotten apples. Couple this with the fact that it is almost impossible to tell good from bad on Android until you get burned, and you have a major issue going forward, and Google is well on its way to forcing legislation on this issue. Legislation that I bet Google is going to piss and moan over when it passes, even though they, and fuckwits like them, were the ones to cause it.
  Short story even shorter: fix the fucking issue and get on with it already. The fix is so simple it would be hilarious if it wasn't such a fucking money-grab from a supposedly not evil corporation. Make purchasing passwords one time only, or allow for restrictions on where and when the purchasing can be made.
  
  --
  ... whatever ...
5. Re:Please.... by bfandreas · 2014-03-12 23:06 · Score: 5, Interesting
  
  This is not a mom/dat CC issue but goes quite a bit further.
  
  I will try to demonstrate this on a particular piece of shite brought to us from the people we love to loathe.
  Enter Heroes of Dragon Age. This thing is a deck-building game. Think Hearthstone but the game plays your matches for you. In that respect I would consider it nothing more than an elaborate animated screensaver rather than a game. In HoDA the rarest cards pretty much guarantee your wins. You could grind for months and get lucky and get a couple of them. Or you could cough up monies to buy gems. 99 bucks buy you roughly 20 card draws, 18 of which will not be useful in any way shape or form(+/- statistical variance, but bear with me). You could play matches to earn gold to buy the packs which cost gold but your chance to get anything useful from those is so low that people who get lucky immediately start a forum post about that which in turn will become quite lively. Grinding for gold is a possibility but for one snag. You are limited to 6 PvE and 6PvP matches every two hours. Unless of course you pay gems to play more. So far so bad. The PvE campaign is designed in such a way that you will need the best cards after about an hour of play time. You will encounter multiple major brick walls.
  
  This is one of the freemium offenders I know. I've been grinding as a free player since Christmas since it is a nice diversion which doesn't require a lot of thought or interaction. But I do have to say one thing about this: It smacks of gambling. In fact it is an elaborate variation of a slot machine. And I can see how a gambling addict could sink hundreds if not thousands of dollars into such a thing. And it seems to be completely unregulated.
  
  OTOH if I gave you 99 bucks to spend on games and you headed over to the nearest Steam sale you would get so many games that you wouldn't emerge until next year if you completed them all. No value for a lot of money driven by addiction. Children are the easiest prey for this but certainly not the most lucrative.
  
  So if you compare prices for gems with Steam sales you would think that these are not hardcore gamers. Wrong. Surprisingly so:
  http://kotaku.com/who-are-the-...
  http://www.theguardian.com/tec...
  
  We are way, WAY beyond "you morons, stop buying gems!". At this point we are in need of regulation Nevada-style. In the meantime suing Google and Apple is the easiest way to apply some pressure but it sure as hell is not enough.
  
  I would imagine you weren't totally shocked that EA is one of the worst offenders in that particular arena...
  
  --
  20 minutes into the future
6. Re:Please.... by exploder · 2014-03-13 00:49 · Score: 5, Insightful
  
  I think the real problem is that parents want to use a phone or tablet as a pacifier, so they don't have to parent the tykes.
  Ah yes, the rallying call of the childless. I'm sure that if you ever have kids, you'll have the means and inclination to devote N hours of your own time every day simply to keeping them entertained.
  
  --
  Yo dawg, I heard you like the Ackermann function, so OH GOD OH GOD OH GOD
7. Re:Please.... by Anonymous Coward · 2014-03-13 01:58 · Score: 4, Insightful
  
  It's almost like Apple and Google were both in the wrong, and Apple corrected it.
  Oh wait, it's exactly like that.
8. Re:Please.... by butalearner · 2014-03-13 02:07 · Score: 4, Informative
  
  Children can be more clever than non-parents expect.
  Surely, you jest! This is Slashdot, where everybody except actual parents knows the proper way to raise children, and supervision means hovering over your child at all times, never bathing or using the restroom or cooking meals or sleeping.
  I'm glad some commenters don't have children, although if they did, they wouldn't sound so high and mighty at times like this. Seriously, my six year old plays outside with neighborhood kids all the time and builds way cooler stuff with Legos than I did at his age, but having other recreational activities didn't stop him from getting his hands on my wife's phone for a few minutes earlier this week and spending $16 on in-app purchases before she stopped him. And that's all because we had the audacity to have an infant that needs more attention when we aren't rich enough to both stay home and hover over the children all day.
  We're not going to be joining the class action lawsuit or anything, but it's tiresome to see armchair parents pretend like they could stop it happening. Like most of you we have a lot of devices around, and no matter how well you think you have everything locked down, all it takes is one mistake. This is the only time my son has "accidentally" spent money, and no matter where you want to lay the blame, consider this: if my wife had an iPhone, this wouldn't have happened. Is that really the response you think Google should give?
9. Re:Please.... by exploder · 2014-03-13 03:43 · Score: 4, Informative
  
  This is exactly the problem.
  Current situation: Thank you for entering your password to authorize the purchase on screen. I will not bother to mention that you've also authorized unlimited additional purchases over the next half hour.
  Bare minimum acceptable solution: Thank you for entering your password to authorize this purchase, as well as unlimited additional purchases for half an hour.
  Slightly better: Please enter your password to authorize this purchase, as well as unlimited additional purchases for half an hour.
  Good, and easy solution: Thank you for your purchase. Authorize additional purchases for the next (30 minutes | 24 hours | Forever | No thanks, ask for my password next time ).
  
  --
  Yo dawg, I heard you like the Ackermann function, so OH GOD OH GOD OH GOD
Why? by Chatterton · 2014-03-12 21:38 · Score: 5, Interesting

Why Google didn't reacted following the Apple case? It was just a question of time before the same kind of lawsuit would begin against them...
Just call the credit card company and tell them by Chrisq · 2014-03-12 21:41 · Score: 4, Insightful

Just call the credit card company and tell them that you didn't authorise these payments, then tell google you've done that. This puts the ball in google's court - the payment goes into dispute and they need to decide whether to claim that you did authorise the purchase or give you a refund. My money would be on the latter.
1. Re:Just call the credit card company and tell them by Chrisq · 2014-03-12 22:29 · Score: 4, Insightful
  
  Just call the credit card company and tell them that you didn't authorise these payments, then tell google you've done that. This puts the ball in google's court - the payment goes into dispute and they need to decide whether to claim that you did authorise the purchase or give you a refund. My money would be on the latter.
  Doing this you would be committing fraud against the credit card company and get you in trouble. You did authorise these payments because you logged in your child with proper credentials to shop using your card. That you didn't understand the consequences isn't good enough enough defence. Though I would love to be able to reverse the charges when my wife starts shopping with my logged in credit card enabled account.
  It would not be fraud - you authorised one payment then google took the rest without authorisation. I have done this previously with unauthorised follow-up payments and it really goes smoothly, it goes into dispute - the company has a chance to appeal - decides not to - terminates service and refund stands
Wait a minute... by narcc · 2014-03-12 21:43 · Score: 4, Insightful

This sounds awfully familiar... Didn't Apple have this exact same problem?
Thanks, TFA:

The case against Google is similar to one brought by the U.S. Federal Trade Commission against Apple over children's in-app purchases. That case was settled in January and Apple agreed to pay at least US$32.5 million to customers.
Now we need to ask why Google didn't take action to prevent this sort of thing.

--
Required reading for internet skeptics
Re:Next we should sue the US treasury for issuing by Barefoot+Monkey · 2014-03-12 22:25 · Score: 4, Insightful

Monetary bills are already child-proof in this regard. If I give a child $1 this doesn't cause any other money I may have to spontaneously teleport into the child's possession every time the child approaches a toy or sweet within the next 30 minutes. If the child wants more of my money then he/she will need to ask me again.