Jump to content

Forced app download: Difference between revisions

From Consumer_Action_Taskforce
← Older editNewer edit →
VisualWikitext
Cammy (talk | contribs)
26 edits
added source for setup and force app usage and internet connection
Ixus (talk | contribs)
37 edits
m Added example and screenshot for banking and finance - Citibank Singapore
Line 57: Line 57:
All banks in Singapore (Citi, DBS, UOB, OCBC, Standard Chartered, CIMB) mandate use of their apps for consumers to perform any online banking activities, including logging in via their web browser.
All banks in Singapore (Citi, DBS, UOB, OCBC, Standard Chartered, CIMB) mandate use of their apps for consumers to perform any online banking activities, including logging in via their web browser.
[[File:Forced app download.png|thumb|Luckin Coffee, a China-origin Starbucks competitor, forces you to download their app to order and pay for coffee. You cannot order coffee at the cashier in their store, let alone pay. You must use the app to interact with this business and digital payments to pay.]]
[[File:Forced app download.png|thumb|Luckin Coffee, a China-origin Starbucks competitor, forces you to download their app to order and pay for coffee. You cannot order coffee at the cashier in their store, let alone pay. You must use the app to interact with this business and digital payments to pay.]]
[[File:Forced app download - Citibank Singapore.png|thumb|Citibank Singapore has deliberately disabled many basic functions such as rewards redemption on its website since 2024, forcing users to download and use their mobile app as an "alternative".]]
The apps generate notifications that require users to approve/deny actions like logging in via a web browser, initiating a payment, adding a payee, etc via the app itself. Some banks previously offered sending an OTP via SMS (text) as an alternative to app-based approval but this has since been discontinued for "security reasons".
The apps generate notifications that require users to approve/deny actions like logging in via a web browser, initiating a payment, adding a payee, etc via the app itself. Some banks previously offered sending an OTP via SMS (text) as an alternative to app-based approval but this has since been discontinued for "security reasons".


Revision as of 11:54, 27 February 2025

⚠️ Article status notice: This article has been marked as incomplete

This article needs additional work to meet the wiki's Content Guidelines and be in line with our Mission Statement for comprehensive coverage of consumer protection issues.

This notice will be removed once sufficient documentation has been added to establish the systemic nature of these issues. Once you believe the article is ready to have its notice removed, visit the discord and post to the #appeals channel.

Learn more ▼

Forced app download is a practice by businesses and government entities, where users are forced to download an app to their phones to perform basic tasks that could have otherwise been done on a standard web browser[1] (e.g., adding a credit card for payments) or in real life (e.g., ordering a coffee).

Forced app download is becoming increasingly popular in many countries pushing digitization. A prime example is Singapore whose government is all-in on digital everything, where it is impossible for anyone to have a bank account without using the bank's app, and everyone must have a device that runs stock iOS or Android in order to download various government and business apps from their respective official app stores. Devices must also be running stock operating systems, since most government and business apps conduct intrusive checks and require extensive technical knowledge to run if a device is jailbroken or rooted.[2][3]

Most companies[4] (and likely most governments)[5] would love for this to happen in more countries across the globe because forced app download allows for:

  1. Identification and tracking of users - not just on an account level and payments, but through deep device identifiers, location, and network connection
  2. Push of the cashless agenda - digital-only payments typically go hand-in-hand with app-only experiences
  3. Increased digital integration - endless possibilities of integrating and sharing data with payment processors, ad providers,
  4. Increased centralization and dependency on big companies - putting more power in the hands of big tech (Apple and Google) with mandatory official app store downloads and big payments (Visa and MasterCard) with forced digital payments

Characteristics

Forced app download involves:

  1. Forcing download and use of app to interact with a business - Basic tasks like ordering, making payments, changing settings.
  2. Deliberately crippling or removing functionality from the web experience - Prevent users from having an alternative interface to perform basic tasks.
  3. Forcing users to always be on the latest version of an app - "For your security" (as they usually claim), most of these apps will constantly check for the latest version and self-disable if they are older than X versions (varies by company)
  4. Mandatory use of account - For most of these apps to work, you must have an account for features to work. For example, with the Luckin Coffee app, you must create an account tied to your phone number. You cannot order as a guest

Key implications

User tracking and intrusion of privacy

The hallmarks of forced app download are mandatory account creation and usage, and digital payments. This allows tracking of the user not just by the company behind the app, but the payment provider and any other associated third-party partners.

Mandatory use of "approved devices" and big-tech operating systems

Most apps are only available for download on official from official app stores, meaning consumers must use a device running stock iOS or Android, or else jump through hoops to run them[6][7].

Devices must also be running stock operating systems since most government and business apps conduct intrusive checks[8] and will not run if a device is jailbroken or rooted.

Some companies such as big banks in Singapore have also started incorporating checks for "unverified apps" in their app. This means their app will scan your phone and check for sideloaded apps (anywhere that is not the official app store. For example, an app downloaded directly from APK Mirror or an unofficial app repository like F-Droid) as part of "anti-scam security measures that include restricting customers from accessing the banks’ digital services on their mobile phones if apps from unverified app stores – also known as sideloaded apps – are detected"[9]

Surge pricing

So far, the implementation of surge pricing in the context of businesses that use forced app download has not yet been seen. However, trust that the enterprising individuals and ecommerce platform providers (especially "modern headless ecommerce" companies[10]) looking to maximize clean out of consumers' wallets will quickly develop and deploy surge pricing once businesses with forced app download gain sufficient footing both in their respective industries and in general market penetration.

Since ordering and payments are entirely digital, it is very possible to see surge pricing (similar to what we've seen from ride hailing companies like Uber, Lyft and Grab) implemented across other industries.

For example, a restaurant that is popular enough could implement surge pricing to charge more during peak hours, like weekday lunch time to hit the downtime office crowd that is lacking in time and places to eat, or Friday night when many people are looking to go out.

Third-party integration

Just like how some car insurance providers in the US are adjusting their rates based on "smart" reporting from cars, it is also very possible for other intrusive and oppressive pair ups to happen. For example:

  • Restaurants, cafes and bars with forced app download sharing data with health insurance companies, who increase your premium if they see a lifestyle/pattern of ordering unhealthy dishes or overly large portions, or frequenting that bubble tea shop too often.
  • Government tax agency charging you "excess carbon footprint" taxes because you often order a lot of clothes beyond the number that the "Average" person of your profile wears, based on what your favorite fast fashion retailer with forced app download is sharing with them.
digital turbine logo
digital turbine logo
Singapore banks will "restrict access if unverified apps AKA sideloaded apps are found on customers' phones" (News story from Sep 2023)

Examples

Mobile Carriers and App marketplaces

Companies like digital turbine auction[11] off placement in carriers automatic download lists and recommended app's placement in first and third party app stores[12]

Digital turbine sells forced app downloads from app developers like: zynga, miniclip games, King Digital Entertainment and Uber, placement in forced download lists to carries like: Verizon, At&T, Cricket wireless, us cellular, tracfone and T-mobile. [13]

Banking and finance

All banks in Singapore (Citi, DBS, UOB, OCBC, Standard Chartered, CIMB) mandate use of their apps for consumers to perform any online banking activities, including logging in via their web browser.

Luckin Coffee, a China-origin Starbucks competitor, forces you to download their app to order and pay for coffee. You cannot order coffee at the cashier in their store, let alone pay. You must use the app to interact with this business and digital payments to pay.
Citibank Singapore has deliberately disabled many basic functions such as rewards redemption on its website since 2024, forcing users to download and use their mobile app as an "alternative".

The apps generate notifications that require users to approve/deny actions like logging in via a web browser, initiating a payment, adding a payee, etc via the app itself. Some banks previously offered sending an OTP via SMS (text) as an alternative to app-based approval but this has since been discontinued for "security reasons".

Insurance

Auto insurance companies like Progressive, require non policy holders effected by automotive incidents their policyholders claim to submit photos and video evidence of damages exclusively through their mobile app.[14] Affected non policy holders can't complete the entire claim process through their website even though you can start the process online from any device and web browser. [14]

Utilities and public services

SP Group is Singapore's primary and default electricity provider, as well as the country's only provider for gas and water for consumers. In 2022, SP Group removed the ability to manage payments from their website, forcing users to download and use their mobile app to pay bills/manage recurring payments[15].

As they are the country's only provider for gas and water, everyone in Singapore MUST download their app at some point.

Home appliances and hardware

Speaker and sound hardware company Sonos has been a big practitioner of forced app download since at least 2017[16]. Sonos makes it extremely difficult and annoying, if not impossible for their customers to use their purchased hardware without an app and/or internet connection.

Even though it is possible to use Sonos speakers without an app, initial setup has required the download and use of Sonos' app since at least May 2022.

"Yes you can (use the Sonos Roam speaker without an app). However, you will need to set it up for the first time using the app." (May 2022)[17]

In addition, not all Sonos products support use without an app (April 2023)[18] and even if they do, sans-app usability is only limited to one speaker.

"You can use speakers without an app, but it only applies to a single speaker. If you want to play audio across multiple speakers, you will have to use the app and there is no other workaround to this." (Dec 2021)[19]

Hobbyist tools

3D Printer manufacturer Bambu Lab forces users to bind their machines to an account via the use of an app called Bambu Handy and also forces the user to connect the machine to the internet whether they want to use LAN only mode or not. The fallout of this is that if you reset a machine and the servers are shut down the machine is a brick. [1]

Retail and ecommerce

Ecommerce giant Shopee which has a stronghold in online retail in South East Asia and Latin America has integrated a soft forced app download to their customer experience.

While it is still possible to browse, shop and checkout on a web browser, coupons usable on the web experience (regardless if mobile or desktop device) are limited to "Shipping Discount" coupons only. All other shopping coupons "Discount & Cashback" are only usable with Shopee's apps on iOS and Android.

When a customer attempts to check out on a web browser, Shopee shows that Discount & Cashback coupons are not usable because "Current device does not meet voucher T&C". On closer inspection of the terms and conditions of those coupons, Shopee specifies "Device: iOS, Android". What they are referring to is you must download and use their mobile apps for those operating systems in order to use most of their coupons. As pictured, the coupons are still not available on iOS and Android devices if the customer is using their web browser. They MUST download the Shopee app.

LEFT: Shopee limits customers to using "Shipping Discount" coupons only if checking out on a web browser (desktop and mobile). MIDDLE: All other shopping coupons "Discount & Cashback" are only usable with Shopee's apps on iOS and Android. RIGHT: Closer inspection of the terms and conditions where Shopee specifies a device requirement for using many of their coupons. When Shopee specifies "Device: iOS, Android", they mean customers must download and use their mobile apps for those operating systems in order to use most of their coupons. Using a web browser on iOS and Android does not count and coupons in question remain disabled in this scenario.
Using a web browser on iOS and Android does not count and coupons with the device requirement remain disabled. What Shopee means by "Device: iOS, Android" in their coupons' terms and conditions is that customers MUST download and use the Shopee app for those coupons to be usable.

Food and beverage

An increasing number of 'digital-native' food businesses that are app-only are making their way onto the market. For example, Luckin Coffee, a Starbucks competitor of China origin with stores in Singapore and planned expansion into Malaysia and the US in 2025[20], only allows ordering of beverages and payments via its app. The way it works is you download the app, register an account, log in, order a coffee and pay for it, then pick it up at a Luckin Coffee location. "With Luckin, you do not order coffee over the counter like in regular Western coffee shops. Instead, you do everything online. I ordered my drinks here without even needing to talk to the Barista!"[21]

With a food-and-beverage business that is fully committed to forced app download like Luckin Coffee, there is no way to order nor pay at the physical store. You must download and use the app to interact with the business.

Forced app download represents the next stage of evolution from QR code based ordering. The key differences are:

Characteristic Forced app download QR-code based
Interface App downloaded from official app store Page opened in your choice of web browser
Ordering Order MUST be placed via app QR is pushed but usually possible to order offline (in real life)
Login You MUST create an account and log in to place an order Not required, often no registration is possible
Payments Cashless digital payment only

Payment MUST be made via app

Depending on website, sometimes order online, pay offline

Depending on business, cash payments are usually possible

References

  1. D. Tian, Y. Ma, A. Balasubramanian, Y. Liu, G. Huang and X. Liu, "Characterizing Embedded Web Browsing in Mobile Apps," in IEEE Transactions on Mobile Computing, vol. 21, no. 11, pp. 3912-3925, 1 Nov. 2022, doi: 10.1109/TMC.2021.3065945.
  2. https://discuss.grapheneos.org/d/8330-app-compatibility-with-grapheneos
  3. https://github.com/chiteroman/PlayIntegrityFix
  4. https://cybernews.com/news/facebook-spying-snapchat-youtube-amazon-installing-kits/
  5. https://lunduke.substack.com/p/the-pokemon-go-spying-conspiracy
  6. https://wiki.archlinux.org/title/Android#Run_Android_apps_on_Arch_Linux
  7. https://stackoverflow.com/a/18003462
  8. https://developer.android.com/google/play/integrity/setup#default
  9. https://www.channelnewsasia.com/singapore/dbs-uob-anti-scam-sideloaded-app-malware-measure-latest-bank-restrict-app-access-3796806
  10. https://www.forrester.com/blogs/doing-selling-and-being-headless-commerce/
  11. https://www.digitalturbine.com/dt-fairbid
  12. https://www.digitalturbine.com/telecom
  13. https://www.digitalturbine.com/
  14. 14.0 14.1 https://www.progressive.com/claims/auto-process/
  15. https://www.spdigital.sg/spapp/bill-payment
  16. https://en.community.sonos.com/advanced-setups-229000/make-sonos-work-without-internet-6795315
  17. https://en.community.sonos.com/portable-speakers-229130/can-i-use-a-roam-without-the-app-6869207
  18. https://soundscapehq.com/how-to-use-sonos-without-app/
  19. https://earrockers.com/can-you-use-sonos-speakers-without-the-app/
  20. https://www.worldcoffeeportal.com/Latest/News/2024/October/China-s-Luckin-Coffee-reportedly-planning-US-launc
  21. https://www.clearlycoffee.com/review-signature-luckin-coffee-drinks-photos-creamy-dreamy-big-cheesy-coconut-latte/
Retrieved from "https://consumerrights.wiki/index.php?title=Forced_app_download&oldid=10169"