UK phone regulator PhonePayPlus has launched an investigation after game-playing iPhone users complained about surprise premium rate call charges.

Concerns have focused on a free to download, advertising-supported game called BubbleWrap, developed by Orsome New Zealand and available via Apple's App Store.

BubbleWrap comes with an embedded advert engine from AdMob. As previously reported, a minority of AdMob's ads encourage users to tap on the ad to visit a website or place a call (a function documented in an iPhone developer page here).

BubbleWrap is the sort of application that appeals to children, and it seems that premium rate calls were made when young users wandered beyond the game's main field of play onto ads, as one iTunes commenter explains. "The game is great and kids love it but their over eager fingers stray onto the advert banner at the bottom of the screen resulting in several premium rate calls at £1.50 a minute," Wearewolves writes.

BubbleWrap: How much?

Normally a warning dialogue box should be generated before a call is made, but this no longer happens following a software update from Apple. The upshot is that users of the free version of BubbleWrap started making premium-rate calls from their iPhones to unknown numbers since late November, sparking protests to UK regulator PhonePayPlus, which has now launched an investigation.

The organisation said:

PhonepayPlus has received complaints from smartphone users that have incurred premium rate charges as a result of touching banner ads that appear within some mobile applications.

Phone-paid service providers must ensure clear and accurate pricing information is available in all promotions. We are currently investigating certain services that have caused complaints and will take firm action where appropriate.

A PhonePayPlus spokeswoman explained that the focus of this investigation is the two telecom firms maintaining the premium rate numbers being dialled.

"PhonepayPlus is investigating various 09 numbers that we have received consumer complaints about," a PhonePayPlus spokeswoman explained. "The Service Providers responsible for these numbers under our Code of Practice are Think Telecom Solutions Ltd and Rare Direct Media Limited.

"Obviously, the investigations are open and ongoing, so no decisions have yet been made."

A Think Telecom Solutions spokesman told us he wasn't previously aware of the PhonePayPlus investigation. He added that it was only a reseller and suggested any complaints would be more properly directed at its customers.

"We are mobile telecoms dealers who resell airtime to our 600 plus customers, who operate 8,400 lines," he said. "Nonetheless we take any complaints seriously."

Hubble, bubble, toil and trouble

Peter Watling, author of BubbleWrap, told El Reg that the issue affects more than just his application, even though Bubblewrap has been the focus of complaints thus far.

"I saw one report online saying it happened while they used Facebook too, does that use AdMob?" Watling said.

"I'm sure this behaviour isn't limited to my app only. I have passed on a list of numbers I was sent that were dialed, to AdMob to see they are all blocked."

Rik Ferguson, a security consultant at Trend Micro, backed up Watling's assessment that the issue extends beyond BubbleWrap.

"The developer of BubbleWrap stating categorically that his app does not contain code for making calls. The telephone number itself belongs to Rare Direct Media," Ferguson told El Reg

"It looks like there is already an investigation underway into that number. Someone else complained that this number was dialled when they were using the Independent's ad-sponsored newsreader."

AdMob isn't supposed to accept adverts tied to premium-rate numbers, a factor further complicating the situation. AdMob has told Watling that it has addressed the no-warning bug.

The issue illustrates two wider points. Firstly, the mobile eco-system has become very complex so that assigning responsibility in cases of user complaints, especially in similar problem occur on a wider scale, has become much less simple. Secondly, despite Apple's fabled control, the unexpected can still happen with smartphone application. ®