Fitness Balance & Calories Tracker are two apps that have been removed from the Apple Store for tricking users into approving in-app purchases using Touch ID. How did they do it? Quite cleverly actually.
As part of the initial set up you are asked for a finger print scan to view your personal calorie tracker and diet recommendations. As your fingerprint is being scanned, pop ups appear asking you to approve several payments. Of course because you are having your fingerprint scanned, the payments are marked as approved. Very clever. You would admire the creativity if they weren’t racking up charges on your credit card.
This new attack vector gives us another thing that we need to watch out for when using apps, inappropriate use of Touch ID. Lucky for us if you have been victimized by this scam, all you have to do is contact Apple and ask for a refund.