Brown Presses Apple and Google on Protections Against Crypto App Fraud

Letter

Dear Mr. Cook:

In recent years, crypto trading platforms and exchanges have experienced a surge in popularity with millions of investors downloading mobile apps to trade and invest in digital assets. Millions of Americans use mobile apps to invest in unregulated digital assets, including cryptocurrencies. Crypto mobile apps are available to the public through app stores, including Apple's App Store. While crypto apps have offered investors easy and convenient ways to trade cryptocurrency, reports have emerged of fake crypto apps that have scammed hundreds of investors.

The Federal Bureau of Investigation (FBI) recently issued a warning about the proliferation of fake cryptocurrency mobile apps created by cyber criminals to defraud investors.1 Cyber criminals have stolen company logos, names, and other identifying information of crypto firms and then created fake mobile apps to trick unsuspecting investors into believing they are conducting business with a legitimate crypto firm. Alarmingly, far too many investors have fallen victim to such scams with losses exceeding $42 million. According to the FBI, in one case, cyber criminals defrauded at least two dozen investors by creating a mobile app that used the name and logo of a real trading platform. Investors downloaded the app and deposited cryptocurrency in wallets. Ultimately, the app was a fake and the victims of the scam could not withdraw funds from their accounts.

While firms that offer crypto investment and other related services should take the necessary steps to prevent fraudulent activity, including warning investors about the uptick in scams, it is likewise imperative that app stores have the proper safeguards in place to prevent against fraudulent mobile application activity.

To better understand the measures your company is taking to prevent fraudulent activity in your app store, please respond to the following questions by August 10, 2022:

Describe the review process your company takes before approving crypto apps to operate in your app store. In your response, please provide the following information:
The factors or criteria used by your company to determine whether to grant approval to an app, including the steps your company takes to confirm the app seeking approval is a trusted and secure app.
Describe the steps your app store takes to prevent cryptocurrency apps operating in your app store from circumventing app store policies by transforming into phishing apps. In your response, please describe in detail the frequency to which your app store monitors apps to safeguard against fraudulent activity as well as the steps it takes to remove apps determined to be fraudulent.
Describe all the systems and processes your company has in place for people to report fraudulent apps.
Describe all actions your app store has taken to alert people about actual or potential fraudulent activity associated with cryptocurrency investment apps.
Since January 2020, has your app store coordinated or shared any actions or activities with other app stores related to the suspension or removal of fraudulent cryptocurrency apps? If so, please explain.
Thank you for your prompt attention to this request. Should you have any questions, please do not hesitate to contact my staff at (202) 224-7391.

Sincerely,

Source