PhonepayPlus, the oddly-named regulator of premium rate telephone services in the UK, has today issued a consultation to the telecoms and digital industries in order to tackle the hidden threats to consumers from malicious apps on smartphones.
The consultation, which has been developed by the organisation formerly known as ICSTIS, looks to codify rules on how and when smartphone apps may charge consumers and provide a tribunal through which malicious app creators can be shut down.
Recently, the organisation has identified several smartphone packages which include hidden charges: one such app, which markets itself as a free battery monitor, accesses the text messaging facility without the user's consent in order to forcibly subscribe the user to a premium-rate subscription service.
It's that use of text messaging as a billing mechanism which allowed PhonepayPlus to shut down the service and issue the perpetrators with a fine of £135,000.
Today's consultation includes a number of key recommendations designed to prevent such abuse in future, along with guidelines for those looking to use premium rate services on smartphones as to how to avoid finding themselves in front of the organisation's tribunal in the future.
In the document, PhonepayPlus explains that all charges must be made clear to the consumer, and that apps operating under a 'freemium' model - whereby the initial app is provided free of charge, with additional functionality being unlocked upon payment - must take effort to ensure the user understands what functionality is free and how much it will cost to enable the remainder.
In the event of an app being classified as 'malware,' the organisation's tribunal has stated that no proof of consent - whether it's an 'opt-in' text message or a voice call to a premium rate line - will be considered robust enough to avoid cancellation of the premium rate service and a hefty fine.
In a bid to prevent children being targeted, the consultation document also details a requirement for apps to have a password entered each time it is opened, preventing anyone but the owner of the handset from authorising charges to be made against his or her account.
"We know that the best regulation is one that works collaboratively with industry to pre-empt before problems occur that harm consumers and damage markets," claimed PhonepayPlus chief Paul Whiteing at the announcement of the consultation.
"We will not hesitate to use our robust sanctioning powers to drive out rogue providers who could damage a vital part of the UK's growing and innovative digital and creative economies. We ask all businesses involved in the digital market, and the provision of smartphones and apps, to work with us to ensure we retain consumer confidence in digital content."
While the consultation document is a good start in increasing consumer protection from overcharging, it's not perfect: PhonepayPlus, as its name suggests, is the regulator for premium rate voice and data telephone services in the UK. Apps that use a different method of monetisation - such as in-app purchases made using a credit card - are exempt from their control.