Tuesday, August 8, 2023

Another User Locked Out of Apple Account

Wasingtheisofwas (Hacker News):

So this morning I go to update my apps. Instead of it going ahead with the update or asking for my fingerprint or the like, I get a message saying “your account has been disable in the app store and itunes”.


I reach out to customer service. They tell me that I have violated the terms and conditions of the app store. I ask them to explain and they say that the account has been flagged for “Fraudulent Patterns”. I have no idea what that means, or what I could possibly have done on my iPhone that would constitute fraud.

The customer support rep tells me that I will need to create a new Apple ID. When I ask him what will happen to all of the content that I have paid for over the years, as well as the subscriptions that I am currently paying for, he tells me that there is nothing he can do and that I cannot be refunded.


The Apple Support Senior Advisor told me it was permanent.[…]

It’s not “under review” It’s not “temporary” and there is no “possibility of regaining my ID”

Because it’s about security, Apple won’t say what the infraction supposedly was. The support manager says there’s no procedure to get the account reinstated even though this happens “frequently.”

Francisco Tolmasky:

If I am understanding this thread correctly, Apple might disable your AppleID if your credit card is stolen… even if the fraudulent charge doesn’t even happen on your account. It’s crazy that disabling an AppleID is a remedy for anything, let alone things not happening on your account. That means you’d lose all your emails on iCloud, BACKUPS on iCloud, data, your logins to every site you used sign-in-with-Apple, the list goes on. This is absolutely crazy.


Update (2023-08-09): Ezekiel Elin notes that it may be that Wasingtheisofwas retains access to iCloud and was only barred from purchased content. In theory, the iCloud data could be migrated to a new account, although I don’t think it would necessarily be easy or even possible for all apps.

Matt Ankerich:

I can’t get apple to let me CHANGE my appleID and delete the atme email address associated with it (it is on the dark web because of a data leak, and I get hundreds of spam emails addressed to the account daily). The only remedy is to delete the appleID which would annihilate my purchases. The holiness that apple treats these original ids is absurd not to mention that we can’t merge IDs purchased content into single accounts.


Update (2023-08-15): Mike Rockwell:

I hope we’re nearing a future where you can realistically use an iPhone without an Apple ID at all — replacing all of Apple’s services, including the App Store, with independent alternatives.

Lots of third-party apps are locked in via CloudKit.

10 Comments RSS · Twitter · Mastodon

Is there any software that can make backups of all iCloud data (e.g., email, reminders, calendar, contents of iCloud Drive, etc)? Or do we have to do it ourselves using the export feature of the various Apple apps?

This is horrifying. Remember when Apple said the Macintosh was the hub for your digital lifestyle? Now an AppleID & iCloud account is! But Apple can metaphorically break into your house and steal your digital hub?

In such an eventuality, what happens to the devices connected to that apple ID?
Do they stay connected to that account, do they become paperweights?

> …Apple might disable your AppleID if your credit card is stolen… even if the fraudulent charge doesn’t even happen on your account…

So one way around this issue might be to use PayPal as a middleman (in supported regions) instead of a credit card. Even if the card associated with the PayPal account is stolen, Apple presumably wouldn't be able to lock your Apple ID since the card isn't directly stored with them.

There’s a fair number of commenters that say something similar to this post:

To be clear: OP hasn’t lost their account. They’ve lost the ability to download content from the App Store/iTunes, update apps, etc. They still have access to everything else about their account. You can lose your entire account if it ends up disabled but the only message they’ve reporting receiving doesn’t have anything to do with the rest of their Apple ID.

If true and the user abused, say, someone else’s credit card and the card owner shut it down, claiming fraud or whatever, losing the ability to access Apple’s stores makes some sense.

Here’s to hoping that’s what happened.

That does not make this okay.
The core idea that companies with hundreds of millions of users can treat them like garbage with no accountability is perverse.

Google, Facebook, Apple, and Amazon are too big, and play such big roles in society that they need to have some way of dealing with this where individual customers have a fighting chance of being treated in a just way.

So what if he used a stolen credit card to do some transactions? That doesn't mean ALL of his transactions should be invalidated.

This is one of the reasons I avoid buying media and expensive apps on App Stores and won't store essential data in anyone's cloud.

Also, and more importantly, Apple and Google have put so much effort into becoming the gatekeepers of our digital lives, they should now be treated accordingly. Recent legislation in the EU already goes into the right direction. But I think more needs to be done. Especially about individual account closures like this. Hiding behind TOS should not be this easy.

Agree 1000% about the need for legislation for this. Companies (at least of a certain size) need to provide detailed reasons for disabling an account and a way to appeal the decision.

"This is one of the reasons I avoid buying media and expensive apps on App Stores and won't store essential data in anyone's cloud."

At least on Android, when Google steals your apps, you can easily steal them back.

This is why I still live like my Mac is my digital hub even though that doesn't really ring true anymore. Nothing of value in any online that I don't have local copies of. Well, except all those digital purchases that require online activations that is. Mostly I tend to avoid that kind of software if at all possible.

Leave a Comment