• Android Survey Highlights Piracy Problem

    Yankee Group and Skyhook Wireless issue report that faults Google for failing to do enough to prevent unauthorized app copying.

    Android developers make less money from paid apps than iOS developers, a disparity that appears to be attributable to software piracy.The Yankee Group, a consultancy, and Skyhook Wireless, a mobile location data company that's currently suing Google for excluding its geolocation system from Android devices, have surveyed 75 Android developers and found that they don't earn as much revenue as iOS developers and that they blame the gap, at least in part, on piracy.

    Some 27% of those surveyed see piracy as a "huge problem" and 26% say it's "somewhat of a problem." And 53% believe Google isn't doing enough to mitigate the damage caused by unauthorized app copying.
    About a third of respondents characterized the damage done as more than $10,000 annually and about as many said that piracy increases their support costs. Some 25% reported increased server costs associated with pirated apps.
    Complaints about piracy in the Android Market aren't exactly unheard of. Last year, Android software marker KeyesLabs notedthat the overall piracy rate for its app Screebl Pro was 67%.
    Google does provide a License Validation Library (LVL) that allows developers to determine whether an Android Market app has been acquired legitimately or not, but respondents complain that the LVL is easy to defeat without additional copy protection techniques and that such techniques generally alienate legitimate users.

    "[S]oftware piracy is a tremendous problem concerning Android apps, especially if apps act as a background service," said Android app maker SmartDyne in the report. "The Google license server policy is not satisfying all needs. In many countries, data flat rates are either not available or are very expensive so users tend to deactivate the mobile data connection. As a result, background services become unavailable from time to time. The only solution is a license key policy based on accounts and/or device IDs. But this results in higher effort for every purchased app and of course higher costs."

    Stating that "Android apps live in the Wild West without a local sheriff," the Yankee Group proposes several specific steps Google could take to deal with app piracy. These include establishing a market certification program to allow customers to tell good Android markets from bad ones, providing a way to verify that an app has been paid for online, and building a system that provides automatic code obfuscation and tamper checking for Android apps.

    David Keyes of KeyesLabs offered a similar proposal in the Android developer forum. "Google could do better, and I hope that they will," he wrote. "Obfuscation isn't really going to do much to improve the situation. What is really needed is O/S-level and app store support for signing apps (in real-time) based on user credentials, application authors, and phone characteristics. The dependence on the Android Market app is a single point of failure that is too easy to search for and find regardless of how obfuscated your code is."
    Google did not respond to a request for comment.
    Comments 5 Comments
    1. ca_aok's Avatar
      ca_aok -
      The failure here being that iOS has pirated apps as well?
    1. sandman_1's Avatar
      sandman_1 -
      How is what they proposed going to stop piracy because it won't. The pirates will find a way around any protection measure.
    1. Quarterquack's Avatar
      Quarterquack -
      Actually the article does detail a very successful way to stop piracy. OS level signing of the apps. Of course, since most manufacturers also make an open bootloader it may be moot, and against Google's open-source policy, but it still remains a very plausible solution if Google willing to move everything server side. I don't pirate any iOS or Android apps, for the record. I see no reason to. Most apps that I want add legitimately useful functionality at a fraction of the cost I would pay to get the associated hard copy/retro version of the item.
    1. ca_aok's Avatar
      ca_aok -
      As we've seen with iOS, the OS-level signing doesn't do shit once the phone is jailbroken (or in the case of android phones, rooted). Implementing that sort of feature would be a complete and utter waste of time.
    1. Pilferd's Avatar
      Pilferd -
      i can see not having $50 for a game, or not wanting to drop $25 on a movie but i still dont see why anyone would pirate a $.99 - $1.99 app ...