Apple Mandates Passwords For In-App Purchases in iOS 4.3
Alongside the more prominent changes Apple’s implemented in iOS 4.3, Apple has changed the authentication process used to authorize in-app purchases, hopefully quelling any concerns that the previous fifteen-minute grace period could be used to rack up excessive bills.
Prior to this update, in-app purchases made within fifteen minutes of when you first bought the app in the App Store would not require you to enter your password again. Once that window had passed, future purchases would require re-authentication. This arrangement let you quickly get up to speed with apps that offer numerous purchase opportunities, as you could could get things set up without being prompted for your password every few moments.
Problem is, the person using the app in those first fifteen minutes wasn’t necessarily the one who purchased it and is in charge of the financial decisions linked to that account. There have been reports of children making hundreds of dollars in in-app purchases without realizing the real-world ramifications of their actions, drawing the attention of the FTC.
Obviously, the onus is on parents to be aware of how kids are using apps, but this is a nice safeguard for iOS users who just don’t pay much attention to how in-app purchases function. Apple hasn’t completely forgotten about usability, as you’ll still be able to make multiple app purchases from the App Store in succession without needing to enter your password each time.