In response to the Digital Markets Act proposed by the European Commission, which could force sideloading of apps on iPhones in Europe, Apple shared an in-depth document highlighting the security and privacy risks of sideloading – the installation of applications from a source external to the official App Store, for example from a website or third-party store. In the paper, titled Building a Trusted Ecosystem for Millions of Apps, Apple states that
Mobile malware and the resulting security and privacy threats are increasingly common and predominantly present on platforms that allow sideloading. Apple, as an example, cited Nokia’s 2019 and 2020 Threat Intelligence Reports that 98% of mobile malware targets Android devices. According to the report’s estimates, there is an estimated “15 to 47 times more” malware infections on Android than on iPhones.
The main cause, according to the study, is sideloading: in 2018, for example, Android devices on which apps were installed outside of Google Play were eight times more likely than those who did not be affected. from potentially malicious applications.
Apple also said that malware on iOS is very rare and that most of the attacks that are made on the platform are “narrowly targeted, often carried out by nation-states”. Apple also added that “experts generally agree that iOS is more secure than Android, in part precisely because Apple doesn’t support sideloading.”
If forced to allow sideloading, Apple believes that users would be more susceptible to the dangers of malicious apps and would have less control over them after downloading and installing them. At-risk there would also be the privacy of users, a topic on which Apple is always very careful. According to the Cupertino company, in fact, some bills would also require the removal of protections against third-party access to proprietary hardware elements and non-public operating system functions.
Users who do not wish to sideload and who prefer to download apps only from the App Store would also be penalized by such impositions. In fact, some may have no choice but to install an app they need for work, school, or other reasons. Furthermore, attackers could induce users to install by simulating the App Store or by advertising free or exclusive features.
In recent months, Apple CEO Tim Cook had already said that sideloading “would destroy the security of the iPhone” and “many of the privacy initiatives that are integrated into the App Store”.