1010Computers | Computer Repair & IT Support

Apple fails to block porn & gambling ‘Enterprise’ apps

Facebook and Google were far from the only developers openly abusing Apple’s Enterprise Certificate program meant for companies offering employee-only apps. A TechCrunch investigation uncovered a dozen hardcore pornography apps and a dozen real-money gambling apps that escaped Apple’s oversight. The developers passed Apple’s weak Enterprise Certificate screening process or piggybacked on a legitimate approval, allowing them to sidestep the App Store and Cupertino’s traditional safeguards designed to keep iOS family-friendly. Without proper oversight, they were able to operate these vice apps that blatantly flaunt Apple’s content policies.

The situation shows further evidence that Apple has been neglecting its responsibility to police the Enterprise Certificate program, leading to its exploitation to circumvent App Store rules and forbidden categories. For a company whose CEO Tim Cook frequently criticizes its competitors for data misuse and policy fiascos like Facebook’s Cambridge Analytica, Apple’s failure to catch and block these porn and gambling demonstrates it has work to do itself.

Porn apps PPAV and iPorn (iP) continue to abuse Apple’s Enterprise Certificate program to sidestep the App Store’s ban on pornography. Nudity censored by TechCrunch

 

TechCrunch broke the news last week that Facebook and Google had broken the rules of Apple’s Enterprise Certificate program to distribute apps that installed VPNs or demanded root network access to collect all of a user’s traffic and phone activity for competitive intelligence. That led Apple to briefly revoke Facebook and Google’s Certificates, thereby disabling the companies’ legitimate employee-only apps, which caused office chaos.

Apple issued a fiery statement that “Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.” Meanwhile, dozens of prohibited apps were available for download from shady developers’ websites.

Apple offers a lookup tool for finding any business’ D-U-N-S number, allowing shady developers to forge their Enterprise Certificate application

The problem starts with Apple’s lax standards for accepting businesses to the enterprise program. The program is for companies to distribute apps only to their employees, and its policy explicitly states “You may not use, distribute or otherwise make Your Internal Use Applications available to Your Customers.” Yet Apple doesn’t adequately enforce these policies.

Developers simply have to fill out an online form and pay $299 to Apple, as detailed in this guide from Calvium. The form merely asks developers to pledge they’re building an Enterprise Certificate app for internal employee-only use, that they have the legal authority to register the business, provide a D-U-N-S business ID number and have an up to date Mac. You can easily Google a business’ address details and look up their D-U-N-S ID number with a tool Apple provides. After setting up an Apple ID and agreeing to its terms of service, businesses wait one to four weeks for a phone call from Apple asking them to reconfirm they’ll only distribute apps internally and are authorized to represent their business.

With just a few lies on the phone and web plus some Googleable public information, sketchy developers can get approved for an Apple Enterprise Certificate.

Real-money gambling apps openly advertise that they have iOS versions available that abuse the Enterprise Certificate program

Given the number of policy-violating apps that are being distributed to non-employees using registrations for businesses unrelated to their apps, it’s clear that Apple needs to tighten the oversight on the Enterprise Certificate program. TechCrunch found thousands of sites offering downloads of “sideloaded” Enterprise apps, and investigating just a sample uncovered numerous abuses. Using a standard un-jailbroken iPhone. TechCrunch was able to download and verify 12 pornography and 12 real-money gambling apps over the past week that were abusing Apple’s Enterprise Certificate system to offer apps prohibited from the App Store. These apps either offered streaming or pay-per-view hardcore pornography, or allowed users to deposit, win and withdraw real money — all of which would be prohibited if the apps were distributed through the App Store.

A whole screen of prohibited sideloaded porn and gambling apps TechCrunch was able to download through the Enterprise Certificate system

In an apparent effort to step up policy enforcement in the wake of TechCrunch’s investigation into Facebook and Google’s Enterprise Certificate violations, Apple appears to have disabled some of these apps in the past few days, but many remain operational. The porn apps that we discovered which are currently functional include Swag, PPAV, Banana Video, iPorn (iP), Pear, Poshow and AVBobo, while the currently functional gambling apps include RD Poker and RiverPoker.

The Enterprise Certificates for these apps were rarely registered to company names related to their true purpose. The only example was Lucky8 for gambling. Many of the apps used innocuous names like Interprener, Mohajer International Communications, Sungate and AsianLiveTech. Yet others seemed to have forged or stolen credentials to sign up under the names of completely unrelated but legitimate businesses. Dragon Gaming was registered to U.S. gravel supplier CSL-LOMA. As for porn apps, PPAV’s certificate is assigned to the Nanjing Jianye District Information Center, Douyin Didi was licensed under Moscow motorcycle company Akura OOO, Chinese app Pear is registered to Grupo Arcavi Sociedad Anonima in Costa Rica and AVBobo covers its tracks with the name of a Fresno-based company called Chaney Cabinet & Furniture Co.

You can see a full list of the policy-violating apps we found:

Apple refused to explain how these apps slipped into the Enterprise Certificate app program. It declined to say if it does any follow-up compliance audits on developers in the program or if it plans to change admission process. An Apple spokesperson did provide this statement, though, indicating it will work to shut down these apps and potentially ban the developers from building iOS products entirely:

“Developers that abuse our enterprise certificates are in violation of the Apple Developer Enterprise Program Agreement and will have their certificates terminated, and if appropriate, they will be removed from our Developer Program completely. We are continuously evaluating the cases of misuse and are prepared to take immediate action.”

TechCrunch asked Guardian Mobile Firewall’s security expert Will Strafach to look at the apps we found and their Certificates. Strafach’s initial analysis of the apps didn’t find any glaring evidence that the apps misappropriate data, but they all do violate Apple’s Certificate policies and provide content banned from the App Store. “At the moment, I have noticed that action is slower regarding apps available from an independent website and not these easy-to-scrape app directories” that occasionally crop up offering centralized access to a plethora of sideloaded apps.

Porn app AVBobo uses an Enterprise Certificate registered to Fresno’s Chaney Cabinet & Furniture Co

Strafach explained how “A significant number of the Enterprise Certificates used to sign publicly available apps are referred to informally as ‘rogue certificates’ as they are often not associated with the named company. There are no hard facts to confirm the manner in which these certificates originate, but the result of the initial step is that individuals will gain control of an Enterprise Certificate attributable to a corporation, usually China/HK-based. Code services are then sold quietly on Chinese language marketplaces, resulting in sometimes 5 to 10 (or more) distinct apps being signed with the same Enterprise Certificate.” We found Sungate and Mohajer Certificates were farmed out for use by multiple apps in this way.

“In my experience, Enterprise Certificate signed apps available on independent websites have not been harmful to users in a malicious sense, only in the sense that they have broken the rules,” Strafach notes. “Enterprise Certificate signed apps from these Chinese ‘helper’ tools, however, have been a mixed bag. Zoe example, in multiple cases, we have noticed such apps with additional tracking and adware code injected into the original now-repackaged app being offered.”

Porn apps like Swag openly advertise their availability on iOS

Interestingly, none of the off-limits apps we discovered asked users to install a VPN like Google Screenwise, let alone root network access like Facebook Research. TechCrunch reported this month that both apps had been paying users to snoop on their private data. But the iOS versions were banned by Apple after we exposed their policy violations, and Apple also caused chaos at Facebook and Google’s offices by temporarily shutting down their employee-only iOS apps too. The fact that these two U.S. tech giants were more aggressive about collecting user data than shady Chinese porn and gambling apps is telling. “This is a cat-and-mouse game,” Strafach concluded regarding Apple’s struggle to keep out these apps. But given the rampant abuse, it seems Apple could easily add stronger verification processes and more check-ups to the Enterprise Certificate program. Developers should have to do more to prove their apps’ connection with the Certificate holder, and Apple should regularly audit certificates to see what kind of apps they’re powering.

Back when Facebook missed Cambridge Analytica’s abuse of its app platform, Cook was asked what he’d do in Mark Zuckerberg’s shoes. “I wouldn’t be in this situation” Cook frankly replied. But if Apple can’t keep porn and casinos off iOS, perhaps Cook shouldn’t be lecturing anyone else.

Powered by WPeMatico

Glide helps you build mobile apps from a spreadsheet without coding

The founders of Glide, a member of the Y Combinator Winter 2019 class, had a notion that building mobile apps in the enterprise was too hard. They decided to simplify the process by starting with a spreadsheet, and automatically turning the contents into a slick mobile app.

David Siegel, CEO and co-founder at Glide, was working with his co-founders Jason Smith, Mark Probst and Antonio Garcia Aprea at Xamarin, a cross-platform mobile development company that Microsoft acquired for $500 million in 2016. There, they witnessed first-hand the difficulty that companies were having building mobile apps. When their two-year stint at Microsoft was over, the four founders decided to build a startup to solve the problem.

“We saw how desperate some of the world’s largest companies were to have a mobile strategy, and also how painful and expensive it is to develop mobile apps. And we haven’t seen significant progress on that 10 years after the smartphone debuted,” Siegel told TechCrunch.

The founders began with research, looking at almost 100 no-code tools, and were not really satisfied with any of them. They chose the venerable spreadsheet, a business tool many people use to track information, as the source for their mobile app builder, starting with Google Sheets.

“There’s a saying that spreadsheets are the most successful programming model of all time, and smartphones are the most successful computers of all time. So when we started exploring Glide we asked ourselves, can these two forces be combined to create something very valuable to let individuals and businesses build the type of apps that we saw Xamarin customers needed to build, but much more quickly,” Siegel said.

Photo: GlideThe company developed Glide, a service that lets you add information to a Google Sheet spreadsheet, and then very quickly create an app from the contents without coding. “You can easily assemble a polished, data-driven app that you can customize and share as a progressive web app, meaning you can get a link that you can share with anybody, and they can load it in a browser without downloading an app, or you can publish Glide apps as native apps to app stores,” Siegel explained. What’s more, there is a two-way connection between app and spreadsheet, so that when you add information in either place, the other element is updated.

The founders decided to apply at Y Combinator after consulting with former Xamarin CEO, and current GitHub chief executive, Nat Friedman. He and other advisors told them YC would be a great place for first-time founders to get guidance on building a company, taking advantage of the vast YC network.

One of the primary lessons Siegel says they learned is the importance of getting out in the field and talking to customers, and not falling into the trap of falling in love with the act of building the tool. The company has actually helped fellow YC companies build mobile apps using the Glide tool.

Glide is live today and people can create apps using their own spreadsheet data, or by using the templates available on the site as a starting point. There is a free tier available to try it without obligation.

Powered by WPeMatico

The UK now has a law against upskirting

A law change that comes into force in the UK today makes the highly intrusive practice of ‘upskirting’ illegal.

The government said it wants the new law to send a clear message that such behaviour is criminal and will not be tolerated.

Perpetrators in England and Wales face up to two years in prison under the new law if they’re convicted of taking a photograph or video underneath a person’s clothes for the purpose of viewing their underwear or genitals/buttocks without their knowledge or consent for sexual gratification or to cause humiliation, distress or alarm. (Scotland, home of the traditional male clothing item known as the kilt, has had a law against upskirting since 2010.)

There have been prosecutions for upskirting in England and Wales under an existing common law offence of outraging public decency. But following a campaign started by an upskirting victim the government decided to legislate to plug gaps in the law to make it a sexual offence.

The Voyeurism (Offences) (No. 2) Bill was introduced on June 21 last year and gains royal assent today.

Where the offence of upskirting is committed in order to obtain sexual gratification it can result in the most serious offenders being placed on the sex offenders register.

Under the new law victims are also entitled to automatic protection, such as from being identified in the media.

While the UK government is intending the law change to send a clear message that upskirting is socially unacceptable, there’s no doubt that legislation alone can’t do that. Robust enforcement is essential to counter any problematic attitudes that might be contributing to encourage antisocial uses of technologies in the first place.

For example, in South Korea a law against upskirting carries a maximum sentence of five years in prison yet the legislation has failed to curb an epidemic of offences fuelled by cheap access to tiny hidden spy cameras and baked in societal sexism — the latter seemingly also influencing how police choose to uphold the law, with campaigners complaining most perpetrators get off with small fines.

Powered by WPeMatico

Sub-brands are the new weapon in China’s smartphone war

One of China’s top smartphone brands Vivo appears to have joined its fellows Oppo, Huawei and Xiaomi in setting up a new sub-brand as a softening market and heightened competition at home drive players to venture upon their original reach.

A new smartphone brand called iQoo made its debut on Weibo, China’s answer to Twitter, on Tuesday by greeting in English: “Hello, this is iQoo.” It also playfully encouraged people to guess how its name is pronounced, as the spelling doesn’t resonate with either Chinese or English speakers. Vivo immediately reposted iQoo’s message, calling iQoo a “new friend.”

Vivo has not further revealed its ties with iQoo, although the latter’s Weibo account is verified under Vivo’s corporate name. TechCrunch has contacted Vivo and will update the story when we have more information.

vivo iqoo

Screenshot of iQoo’s first Weibo post

Sub-brands have become a popular tactic for Chinese smartphone makers to lure new demographics without undermining and muddling their existing brand reputation. As the third-ranked player by shipments in 2018 according to research firm Counterpoint, Vivo is the only one in China’s top five smartphone companies without a subsidiary brand.

“Sub-brands can help fill the gap in parent companies,” Counterpoint’s research director James Yan told TechCrunch. “I think iQoo is a brand born for the gaming market, the online sales channel, or young consumers, similar to what Honor did to Huawei.”

Huawei cemented its top spot with solid growth in shipments last year by playing a two-pronged strategy. Its sub-brand Honor has its eyes on the mid-range and Huawei stays at the top end. Vivo’s sibling Oppo, which falls under the same electronics manufacturing outfit BBK, came up with an exclusively online brand Realme in 2018 to go after Xiaomi’s Redmi in India’s burgeoning smartphone market. Xiaomi pressed on by launching Poco for India’s high-tier market. To further solidify its multi-faceted approach, Redmi shed the Xiaomi branding in January to start operating as an independent brand focusing on cost efficiency.

These moves arrived as years of breakneck growth in China’s smartphone space comes to an end. Overall smartphone sales contracted 11 percent in 2018 according to Counterpoint, as users become more pragmatic and less likely to upgrade their handsets. Local players reacted swiftly by going global and introducing headline-grabbing features like Xiaomi’s folding screen and Honor’s pole-punch display, putting a squeeze on global players Apple and Samsung. In 2018, Huawei shored up a 25 percent market share to take the crown. Trailing behind was Oppo, Vivo, Xiaomi and Apple . Samsung plunged 67 percnet to take seventh place.

Powered by WPeMatico

InReach Ventures, the ‘AI-powered’ European VC, closes new €53M fund

InReach Ventures, the so-called “AI-powered” venture capital firm based in London, is announcing the first closing of a new €53 million fund targeting early-stage European technology companies — surpassing the original fund target of €50 million, apparently.

Founded by former Balderton Capital General Partner Roberto Bonanzinga, along with Ben Smith (former U.K. Engineering Director at Yammer) and John Mesrie (former General Counsel at Balderton Capital), InReach set out in 2015 to use technology to help scale VC, especially across Europe’s idiosyncratic and highly fragmented market.

The firm’s proprietary software-based approach, which is underpinned by machine learning, claims to be able to generate and evaluate deal-flow more efficiently than traditional venture firms that mostly employ human VCs alone — although, admittedly, practically every VC firm is underpinned by some eliminate of data science and/or technology these days. Berlin’s Fly VC is another machine learning-enabled early-stage VC that comes to mind.

However, InReach certainly appears to be putting its money where its mouth is, disclosing that it has invested over €3 million in the development of its software, codenamed “DIG”. To back this up, Bonanzinga tells me the firm employs “more software engineers than investors”. (I saw an early demo of the software a couple of years ago and even then it seemed legit.)

Regards the new fund, Bonanzinga says InReach is targeting the most promising and innovative startups across Europe, primarily in the areas of consumer internet, software as a service and marketplaces. “We are geographically agnostic and will invest in companies anywhere in Europe, from Helsinki to Barcelona, from Warsaw to Rome,” he says. “In most cases we will be the first institutional investors and our first cheques will be between €500,000 and €2 million”.

To date, InReach Ventures has invested in eight startups from across Europe. They include Oberlo (Lithuania), which was subsequently acquired by Shopify, Soldo (Italy/UK), Tutorful (U.K.), Shapr3D (Hungary), Traitly (Sweden) and Loot (Germany).

Below follows a lightly edited Q&A with Bonanzinga on the new fund, how AI can be used to scale venture capital, and why machines won’t put VCs out of a job entirely any time soon.

TC: You have often said that venture capital doesn’t scale, especially across a fragmented market like Europe, but what do you mean by this?

RB: People get very excited about ecosystems but the data shows that startups can come from anywhere; the big technology hubs or more remote locations. This is carried through to Europe’s largest exists: from Betfair in London to Zalando in Berlin, from Supercell and Spotify in the Nordics, to Critio in France and Yoox in Italy, and so on. So not only is deal sourcing fragmented across Europe, but so are the returns.

Traditional ventures firms have looked to manage this fragmentation by throwing people at the problem, but if you want true coverage you need to have a presence in every city in Europe. This is how you need to think of our technology platform, as like having a highly trained associate in every city and town across the whole of Europe, providing structured diligent deal-flow. With this data/technology driven approach we can be truly pan-European at the early-stage, even as the first institutional investor on the cap-table.

TC: A lot of VCs say they use technology to help find or manage deal-flow, how is InReach any different?

RB: Many venture firms talk about data and software. Lately, it has become a hot topic in pitches to limited partners. I predict a new hype: the rush of needing to check the box of “we have a data strategy”. We will have many firms with 30+ investment professionals and a data engineer in a corner. The real question is how many firms are willing to transform their professional service DNA into a product DNA? As always, this is more of a people/organisational question, rather than a question simply of the use of technology.

Take a look at InReach, we are a very atypical founding team for a venture firm. In particular, Ben Smith comes from a software engineering background and has built many data platforms and product development teams (most recently at Yammer/Microsoft). The majority of the people at InReach are software engineers. This is the only Venture Firm we know in which there are more software engineers than investors! So far we have invested over €3m in developing our proprietary technology platform.

TC: Without giving away your secret sauce, how does the InReach platform work, both in terms of the machine learning/feedback loop or the signals/data you plug into it?

RB: From a technology perspective, our logical architecture is primarily based on 3 distinct layers: data, intelligence, and workflow. The data layer is a mix of massive data aggregation, with deep data enhancement, including the generation of a large set of original data. The intelligence layer makes sense of these millions of data points through an ensemble of machine learning algorithms, ranging in complexity from simple rules to advanced networks. Given this data-driven approach and the significant deal-flow this generates, we invest heavily in building a workflow product which allows us to efficiently process thousands of companies each month.

TC: You say the final investment decision is still made by humans: why is that and do you think this will always be the case?

RB: As with any AI company, it’s all about data. We have spent the past 3 years aggregating data from across the internet and building algorithms to provide us with significant dealflow. Much more crucially, we have been collecting and generating our own proprietary data-set of investment decisions and how these startups grow and adapt over time. Clearly this will only get more powerful.

However, especially at this early-stage, so much of the investment decision is based on the founders and what we call the DNA fit of the founders and the problem they are trying to solve. Some of this can be encoded in algorithms and learnt by AI, but there are still intangibles that ultimately require that we ask the question: do we enjoy spending time together?

RB: What has been the reaction by under the radar founders when they are discovered really early via InReach’s software?

RB: The first question is always ‘How did you find out about us?’. Once we explain what we do and how the platform works we create an immediate connection with the entrepreneur. This is exactly what happened when we reached out to 5 entrepreneurs in Vilnius who had started a company called Oberlo. Over the following year, we helped them grow and expand to 30 people across both Vilnius and Berlin, prior to their acquisition by Shopify.

We are taking a very entrepreneurial approach to investing; we run InReach more as a product development organisation, rather than a professional services firm, so we look and feel native to the entrepreneurs we talk to. We try to share our experiences and current-best-practices through the company building process, whether it be OKRs, different agile development methodologies, product roadmaps, etc.

Reaching out to promising entrepreneurs early is not the only advantage that DIG gives us. We are also very efficient and responsive when analysing inbound opportunities. In fact, if you look at our website, we optimize our website to convert visitors to share their startup with us. We are not concerned with being bombarded by opportunities because we have developed a scalable workflow that allows us to efficiently manage significant dealflow.

Powered by WPeMatico

Jobvite raises $200M+ and acquires three recruitment startups to expand its platform play

Jobvite, the company that was once an early mover in leveraging social networks to help source job opportunities and find interesting candidates for openings, is today announcing two big moves to double down on its ambition to build a bigger platform for recruitment and applicant tracking.

The company has picked up an investment of over $200 million, and it will be using the money to acquire three smaller companies focusing on different aspects of the recruitment process: Talemetry (which specializes in recruitment marketing); RolePoint (for employee referrals and in-company moves); and Canvas (a text-based conversational bot to get the screening process started).

Jobvite is not disclosing its valuation with the funding, which is coming from private equity firm K1, but for a little guidance, in an interview, Dan Finnigan, Jobvite’s CEO, said it was a majority stake but nowhere near a full acquisition. (PitchBook’s last valuation of the company, of around $150 million, is very old, dating from September 2014; and it has never been confirmed by the company.)

The combined company will have 2,000+ customers that include Schneider Electric, Lenovo, Santander, PayPal, Genuine Parts, and Panasonic.

Finnigan says that Jobvite’s growth, and investor interest in backing that, is happening in tandem with two changes, one technological and another the evolution in how organizations handle human resources.

Several years ago, many companies — hoping to cut costs — merged together their personnel and recruitment operations, “and recruiting became an afterthought,” he said. That led to companies tacking on, as a kind of minimum viable solution, applicant tracking software but little or nothing else.

But more recently, the war for talent has escalated — not just because unemployment is low but because there are now multiple different opportunities and shortages of suitable people for specific, often emerging skills. In turn, businesses have started to realise “that recruiting is the backbone of every company, and that applicant tracking is just not enough,” he said.

At the same time, there have been evolutions in the technology. While a lot of recruitment software (and the recruitment process) has traditionally been quite fragmented, a move to cloud solutions has provided an avenue for consolidating the process and using one platform to manage it. (Google’s launch of Hire, which lets users manage job applicants using G Suite apps; LinkedIn’s recruitment platform; Zoho and SmartRecruiter are all prime examples of how cloud platforms are being used to build more complete sourcing and tracking services.)

Coupled with this is a rising use of technology like machine learning to remove some of the more mechanical aspects of a recruiter’s job to speed up processes.

Jobvite’s three acquisitions all play into both of these trends. Canvas, for example, uses a bot to source initial information about a candidate to start the screening process before human recruiters step in to take over.

Talemetry, meanwhile, taps into marketing tech to help identify where the most ideal candidates might be in order to better target job opportunities at them, in the form of ads or other kind of content.

Lastly, RolePoint will add a new feature to tap into referrals from existing employees, and to help manage in-company moves.

Finnigan likens the cloud-based platform approach that we’re seeing in the market to the impact Salesforce has had on the expanding concept of CRM. “We know that marketing and sales software have continued to evolve with new features like content marketing, and the same has happened in recruitment,” he said.

“We are excited to be investing in such an innovative set of technologies,” says Ron Cano, managing partner at K1 Investment Management, in a statement. “The talent acquisition industry is critical to our economy and ripe for disruption with outdated software still prevalent. K1’s investment will create the only true end-to-end talent acquisition platform and will provide our customers with accelerated growth in innovation of product features and services.”

Powered by WPeMatico

Bevy acquires community-focused networking company CMX

Bevy announced today that it has acquired CMX, which it describes as “the world’s largest community for community professionals.”

In other words, CMX is trying to connect and support the people whose job is to build communities around their companies. To do that, it organizes the CMX Summit and also offers membership to a private network called CMX Pro.

Bevy, meanwhile, has built software for companies to manage community events. In fact, the company was created by the organizers of Startup Grind, who said they initially built Bevy because of the challenge involved in managing all the different Startup Grind events.

The company now says it works with customers including Slack, Atlassian, Asana, Gainsight and Duolingo — in fact, Duolingo uses it to host 1,000 monthly events.

In an email, Bevy CEO Derek Andersen told me, “I’ve been a  CMX community speaker, sponsor, and member for many years, and there is no better way to get educated and networked in the community industry than CMX.”

The financial terms of the acquisition were not disclosed. CMX’s co-founder and CEO David Spinks will continue to lead CMX initiatives within Bevy, and he will become the company’s vice president of community.

“People are in desperate need of meaningful community,” Spinks said in the acquisition announcement. “They’re craving more depth, and that often comes through in-person, real world connection. Derek and the Bevy team have built a great platform to help teams scale their IRL community programs. We’re thrilled to join forces and work toward a more meaningfully connected world.”

Powered by WPeMatico

DoorDash is reportedly raising $500M at a $6B+ valuation

Just days after Postmates filed confidential paperwork for an initial public offering, the latest news in the on-demand delivery space is that competitor DoorDash is in the process of raising a $500 million round, The Wall Street Journal reports. The round would reportedly value DoorDash at more than $6 billion and possibly up to $7 billion.

According to the WSJ, Temasek Holdings Pte., Singapore’s state investment firm, is expected to lead the round.

Last year, DoorDash raised a $250 million round of financing that valued the company at $4 billion. In total, DoorDash has raised nearly $1 billion in funding from investors like SoftBank, Sequoia, DST Global, Kleiner Perkins and others.

Earlier this year, the food-delivery startup became the first startup to operate in all 50 states. Meanwhile, similar to Instacart, DoorDash has also reportedly been subsidizing worker pay with tips from customers, but DoorDash still has yet to respond to TechCrunch regarding the practice.

I’ve reached out to DoorDash and will update this story if I hear back.

Powered by WPeMatico

US iPhone users spent, on average, $79 on apps last year, up 36% from 2017

Apple’s push to get developers to build subscription-based apps is now having a notable impact on App Store revenues. According to a new report from Sensor Tower due out later this week, revenue generated per U.S. iPhone grew 36 percent, from $58 in 2017 to $79 last year. As is typical, much of that increase can be attributed to mobile gaming, which accounted for more than half of this per-device average. However, more substantial growth took place in the categories outside of gaming — including those categories where subscription-based apps tend to rule the top charts, the firm found.

According to the report’s findings, per-device app spending in the U.S. grew more over the past year than it did in 2017.

From 2017 to 2018, iPhone users spent an average of $21 or more on in-app purchases and paid app downloads — a 36 percent increase compared with the 23 percent increase from 2016 to 2017, when revenue per device grew from $47 to $58.

However, 2018’s figure was slightly lower than the 42 percent increase in average per-device spending seen between 2015 and 2016, when revenue grew from $33 to $47, noted Sensor Tower.

As usual, mobile gaming continued to play a large role in iPhone spending. In 2018, gaming accounted for nearly 56 percent of the average consumer spend — or $44 out of the total $79 spent per iPhone.

But what’s more interesting is how the non-gaming categories fared this past year.

Some categories — including those where subscription-based apps dominate the top charts — saw even higher year-over-year growth in 2018, the firm found.

For example, Entertainment apps grew their spend per device increase by 82 percent to $8 of the total in 2018. Lifestyle apps increased by 86 percent to reach $3.90, up from $2.10.

And though it didn’t make the top five, Health & Fitness apps also grew 75 percent year-over-year to account for an average of $2.70, up from $1.60 in 2017.

Other categories in the top five included Music and Social Networking apps, which both grew by 22 percent.

This data indicates that subscription apps are playing a significant role in helping drive iPhone consumer spending higher.

The news comes at a time when Apple has reported slowing iPhone sales, which is pushing the company to lean more on services to continue to boost its revenue. This includes not just App Store subscriptions, but also things like Apple Music, Apple Pay, iCloud, App Store Search ads, AppleCare and more.

As subscriptions become more popular, Apple will need to remain vigilant against those who would abuse the system.

For example, a number of sneaky subscription apps were found plaguing the App Store in recent weeks. They were duping users into paid memberships with tricky buttons, hidden text, instant trials that converted in days and the use of other misleading tactics.

Apple later cracked down by removing some of the apps, and updated its developer guidelines with stricter rules about how subscriptions should both look and operate.

A failure to properly police the App Store or set boundaries to prevent the overuse of subscriptions could end up turning users off from downloading new apps altogether — especially if users begin to think that every app is after a long-term financial commitment.

Developers will need to be clever to convert users and retain subscribers amid this shift away from paid apps to those that come with a monthly bill. App makers will need to properly market their subscription’s benefits, and even consider offering bundles to increase the value.

But in the near-term, the big takeaway for developers is that there is still good money to be made on the App Store, even if iPhone sales are slowing.

Powered by WPeMatico

Gmail gets a useful right-click menu

Google is giving Gmail a new right-click menu. And it’s about time. While you’ve long been able to right-click on any email in your inbox, your options were always limited. You could archive an email, mark it as read/unread and delete it, but that was about it. Now, as the company announced today, that’s changing and you’re about to get a fully featured right-click menu that lets you do most of the things that Gmail’s top bar menu lets you do, plus a few extra features.

Soon, when you right-click on a message in your inbox view, you’ll see a long list of features with options to reply to messages and forward them, search for all emails from a sender or with the same subject and open multiple emails in multiple windows at the same time. You’ll also be able to add labels to emails, mute conversations and use Gmail’s snooze feature, all from the same menu.

All of this is pretty straightforward stuff and none of it is especially groundbreaking, which makes you wonder why it took Google so long to implement it.

As usual, Google only tells us that it is rolling out this feature to G Suite users now (starting today for those on the rapid release schedule and on February 22 for those that follow the slower scheduled release cycle). But free users typically see these new features pop up somewhere around that same time frame, too.

Powered by WPeMatico