Incipia blog

How to Keep Spammers Out of the App Store

Gabe Kwakyi | February 9, 2023

The App Store has a problem, and it’s called app spam. While it's not just Apple that's suffering from spammer attacks, this article focuses specifically on the App Store. 

App spam occurs when developers with less-than-legitimate intent push copycat or re-skinned versions of existing apps, or otherwise low-quality apps into the App Store, eluding Apple’s review process. These spammy apps then use black hat tactics to manipulate Apple’s ranking algorithm into providing them with top ranks on keyword searches and top charts, boxing out legitimate apps.

Apple’s spam problem has been around for years, and while it’s not quite as bad as it used to be, spammy apps have made their way into featured spots and are still a massive drag on the credibility of the App Store for its developers and users. By reducing the chances that users will find legitimate, innovative apps when browsing the app store, Apple’s spam problem is one of the problems contributing to a lack of app consumption and thus lower profits for Apple during a time when Apple needs App Store profits most.

Despite Apple recently implementing stronger review guidelines and following through on a store-wide cleanup effort by taking nearly 50,000 apps offline in October, these efforts have failed to stem the flow of spammy apps.

Spammy apps are still being found in top spots in the App Store as of December 3rd, per Herman Jakobi.

Google recently promised to crack down on these types of manipulation efforts, and while Apple announced the promise of a crack-down years ago, it has not made good on its word, leading to the continued proliferation of spammy apps we see today.

David Barnard, founder of Contrast and long-time app developer, identified a spammer by the name of Nguyen Giang taking advantage of a weakness in Apple’s keyword ranking algorithm on December 14th.

So how can Apple finally rid itself of this problem of spammy apps?

One straightforward solution is for Apple to take a more stringent approach to enforcing some of the App Store review guidelines already in place. For instance, Apple already has language to prevent copycat apps and even a guideline tackling what it refers to as “app spam.”

Guideline #4.1 (Copycats) states that developers should: “come up with your own ideas. We know you have them, so make yours come to life. Don’t simply copy the latest popular app on the App Store, or make some minor changes to another app’s name or UI and pass it off as your own.”

Guideline #4.3 (Spam) states that developers should not take to: “piling on to a category that is already saturated; the App Store has enough fart, burp, flashlight, and Kama Sutra apps already.”

That said, Apple receives 100,000 new app submissions per week. It’s possible, then, that Apple’s reviewers are overwhelmed by the sheer volume of app submissions. In this case it would be pertinent for Apple to hire more app reviewers so that each reviewer can spend an appropriate amount of time scrutinizing and ensuring the quality of apps before sending them into the world.

To run some numbers for illustrative purposes, if each app reviewer spends 30 minutes reviewing each app, 7 hours per day, 5 days per week, then Apple would need to employ 1,429 app reviewers. Assuming a Glassdoor salary estimate for an iOS app reviewer of $28.87, that means that Apple’s costs for policing the App Store amount to $1.65 million per week, or $21.5 million per quarter. That would represent 0.6% of Apple’s quarterly Selling, General and Administrative expenses; hiring more reviewers to protect the App Store from app spam could be a veritable bargain for ensuring Apple’s fast-growing revenue gem doesn’t lose value.

In addition to hiring more reviewers to keep the app spammers at bay, there are a couple of other options that Apple could implement.

Providing an option in the App Store for users to report spammy apps would be a way to crowd-source the spam reduction efforts. Many companies use this type of system to police the service they provide to users, such as Facebook, Instagram, Twitter and even the Google Play Store. By setting a dynamic threshold for negative feedback required to investigate, Apple could reduce its costs to support such a system, and also prevent developers from trying to maliciously push competitors out of the store. Not only could this method reduce the occurrence of app spam, but it could also be used as a feedback channel to help improve Apple’s ranking results in general.

Yet, when it comes down to brass tacks, Apple’s ranking algorithm is the most important factor for effectively preventing app spam. The algorithm is what exacerbates the problem of spam and incentivizes spammers not to quit their craft. This is because, unlike websites, app ranks (category, country and keyword) are influenced by the velocity of downloads (i.e. driving more downloads in a shorter period of time) that each app receives, both organic (i.e. driven from App Store search) and inorganic (e.g. driven by ad campaigns). Spammers target this algorithm weakness by using ultra-cheap, large-scale methods of generating massive download volume in short time frames, which enables their apps to rise to the top ranks within hours of being launched. Therefore, to truly solve the problem of app spam, Apple must update the way its algorithm works.

To dive deeper into the problem, these low-cost downloads that spammers use to manipulate Apple’s ranking algorithm come in several forms, ranging from incentivized installs on the more benign end of the spectrum, to downloads from users in other countries with hacked iTunes country settings in the middle-range, to device farm or bot installs on the malignant end.

This poses a potential pushback in the effort to stop spammers. While device or bot farms and installs from other countries are generally regarded by the app community as unacceptable, many consider incentivized installs an acceptable tactic, used by legitimate companies during an initial launch or other periods where they desire extra visibility. Even when used by legitimate apps, however, incentivized installs are still designed to manipulate rankings by acquiring a large number of installs from users who have little-to-no interest in the app itself other than simply earning an incentive (such as unlocking content in another app). Taken purely in the context of building brand awareness, this is not a problem. However, app rankings are a zero-sum game where downloads of all kinds affect rankings, so apps which gain rank via incentivized downloads push out apps that have worked hard to acquire downloads from more legitimate sources, often over a longer period of time. This marks the transition for incentivized installs from being acceptable to becoming harmful to the legitimacy of the App Store.

For example, here is a screenshot of rankings for the Tetris copycat app launched by the spammer identified in Herman Jakobi’s Tweet (not long after appearing, this app and its developer disappeared).

The first graph depicts the spammer’s ability to capture a top country and category rank, showing hourly data to highlight the swiftness of its ascent. The second graph shows the same app and highlights that, while its category and country rank earned the highest levels of visibility, relevant keywords this app was eligible to rank for (game and free game) did not show a level of rank improvement commensurate with its overall ranking improvement, in fact earning no rank at all.

This highlights the difference between Apple’s two ranking algorithms: while an app’s category rank is influenced by general downloads of an app, Apple’s keyword algorithm is mostly influenced only by downloads that occur when users search that keyword and download the app.

While Tetminos illustrates the effects of a manipulation tactic designed to boost an app’s country/category rank, there is also a second type of manipulation tactic, designed to attain top ranks on individual keywords.

In this regard, Apple’s algorithm actually already helps prevent manipulation efforts. Apple’s keyword algorithm resists giving top keyword ranks to any app, even those with many downloads in general, unless people searching the keyword in question take to downloading that app more than other apps ranking for that keyword. In the Tetris spammer’s case above, this characteristic prevents Tetminos from capturing a top rank on the keywords it ranks for, despite the fact that it earned a top country and category rank.

Naturally, spammers have found a way around this algorithm trait. Their workaround tactic works by incentivizing users to search a particular keyword, find the target app among the results and download that app, thus manipulating Apple’s algorithm into raising the target app’s rank for that specified keyword.

Here we see an example of a spammer using a keyword manipulation tactic to capture a #1 spot within one day for several top keywords.

Although Apple’s search ads do influence keyword ranks, Apple’s keyword relevancy score provides a mechanism to prevent spammers from turning search ads into a spammer tool.

So how can Apple protect its algorithm from rank manipulation efforts?

One way is to increase the reliance on post-install data, such as how long a user keeps an app installed or how often they re-open it. While acquiring downloads from non-legitimate sources is cheap, acquiring active users either requires a quality product or far more budget to sustain, which requires more financial capital than most spammers are willing to spend. Indeed, it appears that Google may have recently released an algorithm ranking update pushing its algorithm in the direction of relying more on active user data. While it would likely require more work to collect and make use of engagement data on a more real-time basis, this would be one of the best ways to mitigate the vulnerability of Apple’s download velocity-driven algorithm.

While engagement data is a better indicator of whether users find value in an app than downloads, that data takes time to accumulate. One of the challenges is that attacking spam apps is like a constant game of whack-a-mole, where spammers that manipulate the rankings disappear almost as fast as they appear, as seen in the Tetminos example. This means that the solution must be capable of rooting out spam in real-time.

Another, more scalable approach would be to use download data on keywords an app is eligible to rank for as a more relevant ranking signal for category ranks. Even for spammers using keyword-ranking tactics, resources are typically targeted to one or a few keywords, rather than the hundreds or thousands of keywords an app could rank for, in an effort to concentrate their resources and attain the best rank. This means that the majority of keywords will be left open to betray the spammer’s true character. Apple could leverage this data by flagging apps that do not show an acceptably similar growth trend across all of the keywords it ranks for (as compared to the other apps it is competing with), and enact adjustments to such apps’ rankings. Similar to the act of making engagement a more important ranking signal, using aggregate keyword data would destroy spammers’ ability to operate by making the act of manipulating rankings too expensive.
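One way to express the keyword-breadth check described above, as an added example that is not Apple's algorithm or code from this post. It assumes rank snapshots stand in for download data; the app names, ranks, and the `min_gain`, `min_category_gain` and `ratio` thresholds are all hypothetical.

```python
from statistics import median

# Constructed sample: (rank before, rank after) over one day. Lower is better,
# None means unranked. App names and all numbers are hypothetical.
SNAPSHOTS = {
    "steady_puzzle": {"category": (120, 60), "keywords": {
        "puzzle": (40, 22), "block game": (35, 20),
        "free game": (90, 70), "game": (150, 130)}},
    "steady_runner": {"category": (80, 75), "keywords": {
        "runner": (30, 28), "endless run": (25, 18),
        "free game": (60, 50), "game": (100, 96)}},
    "steady_cards": {"category": (200, 140), "keywords": {
        "cards": (50, 30), "solitaire": (45, 33),
        "free game": (110, 100), "game": (160, 158)}},
    # Category rank soars while no eligible keyword ranks at all.
    "category_booster": {"category": (900, 3), "keywords": {
        "puzzle": (None, None), "block game": (None, None),
        "free game": (None, None), "game": (None, None)}},
    # One keyword jumps to #1; the rest stay flat.
    "keyword_targeter": {"category": (400, 40), "keywords": {
        "photo editor": (None, 1), "camera": (300, 298),
        "filters": (250, 251), "collage": (None, None)}},
}


def keyword_breadth(keywords, min_gain=5):
    """Share of eligible keywords that gained at least min_gain places."""
    improved = 0
    for before, after in keywords.values():
        if after is None:
            continue  # still unranked, so no growth on this keyword
        if before is None or before - after >= min_gain:
            improved += 1  # newly ranked, or a meaningful climb
    return improved / len(keywords)


def flag_concentrated_growth(snapshots, min_category_gain=50, ratio=0.5):
    """Flag apps with a sharp category climb but keyword growth far narrower
    than the median breadth of the apps they compete with."""
    breadth = {a: keyword_breadth(d["keywords"]) for a, d in snapshots.items()}
    flagged = []
    for app, data in snapshots.items():
        before, after = data["category"]
        peers = [b for other, b in breadth.items() if other != app]
        if before - after >= min_category_gain and breadth[app] < ratio * median(peers):
            flagged.append(app)
    return sorted(flagged)


if __name__ == "__main__":
    print(flag_concentrated_growth(SNAPSHOTS))
```

Legitimate apps that climb the category chart also climb across most of their keywords, so only the two apps whose growth is concentrated are flagged.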

Spammers will inevitably find ways to circumvent any fixes, but these methods could significantly help reduce the amount of spam currently in the App Store and give Apple some much-needed breathing room as its App Store monetization efforts ramp up. However, without satisfactorily addressing the problem of app spam, Apple runs the risk of alienating its legitimate developers and repelling users during the App Store’s most critical time to shine.

 
