Apple shared a detailed document outlining the privacy and security risks associated with sideloading apps in response to the European Commission’s Digital Markets Act. Sideloading is the act of installing apps from outside the App Store. This could be done via a website, or third-party app store.
Apple's document, Building a Trusted Ecosystem to Support Millions of Apps states that mobile malware and its resulting security threats are becoming more common on platforms that allow sideloading. Apple cited Nokia 2020 and 2019 Threat Intelligence Reports, which found Android devices had an "estimated 15% to 47 times more malware infections than iPhones."
Android smartphones are the most popular mobile malware targets. They have been infected with malicious software between 15 and 47x more than iPhones. According to a study, 98 percent mobile malware is targeted at Android devices. This is closely tied to sideloading. In 2018, for instance, Android devices with apps installed outside of Google Play, an official Android app store, were eight-times more likely to become infected by potentially dangerous applications than those without.
Apple countered that iOS malware is very rare, and claimed that most attacks on iOS are "narrowly targeted attacks", often perpetrated by nation-states. Apple stated that iOS is more secure than Android because it does not allow sideloading.
Apple stated that sideloading would expose users to more malware and give them less control over the apps they install on their devices. Apple stated that sideloading legislation proposed by Apple would require users to remove protections against third party access to proprietary hardware elements, non-public operating systems functions, and other security and privacy risks.
Apple stated that even those who do not wish to sideload apps and prefer to only download App Store apps would be affected if sideloading was required. Some users may not have other options than to sideload an app they require for school, work, or other reasons. Apple also stated that criminals could trick users into sideloading apps using the App Store's appearance or offering exclusive features for free.
In a June document, Apple addressed many of these points. Apple CEO Tim Cook claimed previously that sideloading apps would "destroy the security of iPhone" and "a lot if the privacy measures that we've built into App Store."
Apple's document continues to give examples of malware that can affect mobile platforms such as Android, and further arguments against sideloading.
Apple's App Store has been under increasing scrutiny. It is the only place you can download apps for the iPhone or iPad. This excludes jailbroken devices. Epic Games, the creator of Fortnite, sued Apple last year over anticompetitive conduct. However, it failed to get the court to make Apple allow third-party apps stores on iOS.
