Feeds

Regulator sniffs around stonking iPhone game bills

Kids making accidental megabucks calls

Choosing a cloud hosting partner with confidence

UK phone regulator PhonePayPlus has launched an investigation after game-playing iPhone users complained about surprise premium rate call charges.

Concerns have focused on a free to download, advertising-supported game called BubbleWrap, developed by Orsome New Zealand and available via Apple's App Store.

BubbleWrap comes with an embedded advert engine from AdMob. As previously reported, a minority of AdMob's ads encourage users to tap on the ad to visit a website or place a call (a function documented in an iPhone developer page here).

BubbleWrap is the sort of application that appeals to children, and it seems that premium rate calls were made when young users wandered beyond the game's main field of play onto ads, as one iTunes commenter explains. "The game is great and kids love it but their over eager fingers stray onto the advert banner at the bottom of the screen resulting in several premium rate calls at £1.50 a minute," Wearewolves writes.

BubbleWrap: How much?

Normally a warning dialogue box should be generated before a call is made, but this no longer happens following a software update from Apple. The upshot is that users of the free version of BubbleWrap started making premium-rate calls from their iPhones to unknown numbers since late November, sparking protests to UK regulator PhonePayPlus, which has now launched an investigation.

The organisation said:

PhonepayPlus has received complaints from smartphone users that have incurred premium rate charges as a result of touching banner ads that appear within some mobile applications.

Phone-paid service providers must ensure clear and accurate pricing information is available in all promotions. We are currently investigating certain services that have caused complaints and will take firm action where appropriate.

A PhonePayPlus spokeswoman explained that the focus of this investigation is the two telecom firms maintaining the premium rate numbers being dialled.

"PhonepayPlus is investigating various 09 numbers that we have received consumer complaints about," a PhonePayPlus spokeswoman explained. "The Service Providers responsible for these numbers under our Code of Practice are Think Telecom Solutions Ltd and Rare Direct Media Limited.

"Obviously, the investigations are open and ongoing, so no decisions have yet been made."

A Think Telecom Solutions spokesman told us he wasn't previously aware of the PhonePayPlus investigation. He added that it was only a reseller and suggested any complaints would be more properly directed at its customers.

"We are mobile telecoms dealers who resell airtime to our 600 plus customers, who operate 8,400 lines," he said. "Nonetheless we take any complaints seriously."

Hubble, bubble, toil and trouble

Peter Watling, author of BubbleWrap, told El Reg that the issue affects more than just his application, even though Bubblewrap has been the focus of complaints thus far.

"I saw one report online saying it happened while they used Facebook too, does that use AdMob?" Watling said.

"I'm sure this behaviour isn't limited to my app only. I have passed on a list of numbers I was sent that were dialed, to AdMob to see they are all blocked."

Rik Ferguson, a security consultant at Trend Micro, backed up Watling's assessment that the issue extends beyond BubbleWrap.

"The developer of BubbleWrap stating categorically that his app does not contain code for making calls. The telephone number itself belongs to Rare Direct Media," Ferguson told El Reg

"It looks like there is already an investigation underway into that number. Someone else complained that this number was dialled when they were using the Independent's ad-sponsored newsreader."

AdMob isn't supposed to accept adverts tied to premium-rate numbers, a factor further complicating the situation. AdMob has told Watling that it has addressed the no-warning bug.

The issue illustrates two wider points. Firstly, the mobile eco-system has become very complex so that assigning responsibility in cases of user complaints, especially in similar problem occur on a wider scale, has become much less simple. Secondly, despite Apple's fabled control, the unexpected can still happen with smartphone application. ®

Website security in corporate America

More from The Register

next story
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
Oi, Tim Cook. Apple Watch. I DARE you to tell me, IN PERSON, that it's secure
State attorney demands Apple CEO bows the knee to him
Your chance to WIN the WORLD'S ONLY HANDHELD ZX SPECTRUM
Reg staff not allowed to enter, god dammit
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Monitors monitor's monitoring finds touch screens have 0.4% market share
Not four. Point four. Count yer booty again, Microsoft
Getting to the BOTTOM of the great office seating debate
Belay that toil, me hearty, and park your scurvy backside
Hey, Mac fanbois. HGST wants you drooling over its HUGE desktop RACK
What vast digital media repository could possibly need 64 TERABYTES?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.