Apple Adds Additional Password Protection for In-App Purchases

UPDATED: In an apparent attempt to quell concerns from parents, regulators and legislators, Apple (s aapl) has moved to require password entry on every in-app purchase, closing a 15-minute grace period that some children used to inadvertently rack up pricey charges of virtual goods. The latest update to its iOS software 4.3 will now include the requirement, which Apple hopes will add further protections against unwanted purchases.

As we’ve reported before, Apple has been under pressure to address the rising instances of children buying virtual goods in games without realizing they were incurring real payments. In some cases, parents did not make use of existing parental controls in iOS to restrict all in-app purchases. But in some cases, children were able to make inadvertent charges because Apple allowed users who enter a password for a purchase or download to make additional purchases for 15 minutes without re-entering their password. We reported earlier that Apple was considering closing the 15-minute password window, but it appears it’s only been applied to in-app payments, not downloads from the App Store.

“We are proud to have industry-leading parental controls with iOS,” Apple spokeswoman Trudy Muller told the Washington Post. (s wpo) “With iOS 4.3, in addition to a password being required to purchase an app on the App Store, a reentry of your password is now required when making an in-app purchase.”

Still, it’s unclear if this will satisfy everyone. The FTC recently responded to a call by Congressman Ed Markey and said it would look at Apple’s in-app purchase system, specifically the way it markets and delivers apps to children. Many of the games that have been cited are social games geared toward younger children. The requirement of a password doesn’t appear to address the marketing concerns of the FTC, Markey and others.

Some, like developer Recharge Studios have called upon Apple to publicize its refund policy and process in the App Store and have begun running a warning in App Store descriptions noting that in-app purchases require real money. Other developers like Capcom have also run similar warnings in their apps. The question is, will Apple need to formalize these warnings to ensure it’s informing parents and users about the real-world consequences of in-app payments?

Others have also wondered why in-app purchases feature bundles as high at $99 for virtual goods. Recharge Studios has dropped the highest price of its goods in Dolphin Play and is exploring time-based limits on purchases. Apple might consider similar rules to limit the potential for big purchases by children.

Apple is treading carefully here. It doesn’t want to slow down the in-app payment train, which is turning into a major money-maker. But it needs to be mindful of government concerns. It seems to have done just enough to appear to be responsive while making sure the 15-minute window is still preserved for App Store downloads. Closing that window across the board would be a big annoyance to users and could slow down the downloads of apps, which are often bought more than one at a time. I expect Apple may be pushed to eventually add more protections and warnings about in-app payments. But for now, it’s taking measured steps to ensure that in-app payments keeps chugging along.

UPDATE: An Apple spokesperson clarified that the password is not required for every in-app purchase but is necessary the first time someone opens up an app, even if it falls within 15 minutes of a password entry. If a parent agrees to the first purchase within an app, that opens up another 15 minute window. The idea is that requiring a password for the first in-app purchase should ensure that a parent has signed off on the payment. This is not as aggressive as we first reported and puts a little more responsibility back on parents.