Apple has once again given insight into why sideloading apps on iPhone could be a major potential security risk. The company has shared a new document on its privacy website highlighting the importance of the App Store and how it helps keep iPhone users safe from malicious apps and malware.
In the same document, Apple cites a Threat Intelligence Report from Nokia, which found that “Android had 15 times more infections from malicious software than iPhone.” Recently, Apple’s CEO Tim Cook claimed that Android has 47 times more malware than iOS.
The reason behind this was attributed to Google allowing sideloading of apps on Android devices from anywhere. In comparison, iPhone users are safe from such malicious apps since they can only install apps from the App Store.
The Cupertino-based tech giant further states that if it allows sideloading of apps on iOS, it would “spur a flood of new investment into attacks on the platform. Malicious actors would take advantage of the opportunity by devoting more resources to develop sophisticated attacks targeting iOS users, thereby expanding the set of weaponized exploits and attacks – often referred to as a “threat model” – that all users need to be safeguarded against. This increased risk of malware attacks puts all users at greater risk, even those who only download apps from the App Store.”
Additionally, even if a user sticks to downloading apps from the App Store, they could be forced to sideload an app they need for work or school from a third-party store. Or they can just be tricked into downloading an app from a third-party store that looks like the App Store.
In the document, Apple highlights how the App Store and its stringent App Review process and guidelines help keep iPhone users safe from malicious apps and malware. On average, the App Store team consisting of over 500 people reviewed 100,000 new apps and updates every week.
In total, they removed or rejected nearly one million apps or app updates for violating privacy guidelines, spam content, misleading users, and more. The company also stopped over $1.5 billion in fraudulent transactions in 2020.