Here's a story that might exacerbate your potentially diminishing faith in humanity. At the very least you might be disgusted at how people simply don't take responsibility for their actions these days. A woman named Ilana Imber-Gluck is suing Google because her son racked up a "whopping" [sarcasm] $65.95 of in-app purchases with the game Marvel Run Jump Smash. She is suing Google in a northern California court on behalf of herself and "all others similarly situated."

Her main point of contention is that there is a 30-minute window after downloading an app, in which the user - regardless of who that user might be - can activate in-app purchases without a password. Obviously, because the Google Play Store keeps your credit card on file, this "window of opportunity" allows the children of parents to potentially grab their device and rack up a huge bill before the parent has a chance to stop it. The problem comes because some games are free apps (which don't need a password), yet Google's account setup registers this as a "purchase" which attaches the ability to use the stored credit card info for in-app purchases without any password restriction.

Of course, the real wrinkle here is that this 30-minute window will exist only if the password check was previously disabled by the user, which had to have been done by the mom. Here's a quote with a few more details,

At the moment the 30-minute window can be avoided by going into the Settings menu of the Google Play Store and checking the option to "use password to restrict purchases." That will force the user to input their password, even for in-app purchases on a newly-downloaded game. In fact, this is the default behavior for Google Play - Imber-Gluck must have disabled it herself through the menu or one of the in-app purchase popup dialogs in order to open up the 30-minute window.

The core question of the suit may come down to whether or not this option is made clear to parents, and how much responsibility they have to understand the systems they and their children are using versus how much responsibility Google has to protect its users from possibly unwanted purchases. Developers should keep a close eye on this one, since forcing a password check for each and every purchase could alter the dynamics of Play Store and in-app purchases.
As you can see, the password situation could probably use some tweaking by Google, but the issue is a relatively minor one. Furthermore, users themselves should probably pay more attention to what options they choose for their apps to balance personal convenience and security. In this instance, it seems that Imber-Gluck is using the court system to address a grievance which could have been handled in other ways. It also seems she is avoiding taking responsibility for her own action (or inaction).

BTW... here's a link to the Google Play Store to check out the game for those interested: Google Play Store - Marvel Run Jump Smash

originally written by dgstorm

Source: AndroidPolice