@reeshuffled on Github

Why I Think IAP Spoofing is Stealing

711 Words • Philosophy • 03/20/2021

This is an abbreviated version of a longer paper that I have written called, “The Ethical Status of In-App Purchase Spoofing”. If you would like to read the full paper, please contact me. In-app purchases (IAPs) are small in-app items or features that are purchasable and typically only affect in-app activities. IAP spoofing occurs when a person receives an IAP without paying for it by tricking the payment authentication system. In this paper, I argue that IAP spoofing should be classified as a kind of stealing.

An in-app purchase is some kind of small in-app item or feature that you can purchase to enhance your experience. Various examples include character skins, ad removal, or player power-ups. IAP spoofing is the act of tricking the payment authentication system to believe a valid purchase occurred, even when no money was actually exchanged. The app would not be able to tell the difference, so then the hacker would be able to receive whatever benefits from the IAP without having to pay. When a hacker routes the payment request to their server instead of the app’s payment server in order to trick the app, it is called a man-in-the-middle attack. This server sends back a legitimate looking payment receipt to the app, thus tricking the application into thinking that the user purchased something. Some apps that are made by larger companies have more sophisticated servers that do not allow for these kinds of attacks, but independent developers and smaller companies do not have the resources to protect against these kinds of actions.

My argument that IAP Spoofing is actually theft is as follows:

  1. Virtual objects can be owned.
    1. A virtual object is something stored in a database and corresponds to something that the player can use/interact with.
    2. A person can have exclusive access when the virtual object is stored in their portion of the database, and no one else’s.
    3. Ownership can be defined as exclusive access to an object.
    4. Therefore, virtual objects can be owned.
  2. For something to be theft, it must have the following necessary conditions:
    1. It is non-consensual.
    2. It deprives the owner of (exclusive) access.
  3. Virtual objects can be stolen.
    1. Virtual objects can be owned (Premise 1).
    2. Virtual objects can be non-consensually taken from users (i.e. hacking).
    3. Therefore, digital objects can be stolen.
  4. (Some) IAPs are virtual objects.
    1. There are two main kinds of IAPs: in-game items or feature unlocks.
    2. In-game items are represented as data in the database.
    3. Features are represented as code, not as data in a database.
    4. Therefore, in-game items are virtual objects, but features are not.
  5. IAPs can be stolen.
    1. Follows from Premises 3 and 4.
  6. IAP spoofing breaks the exclusive access of the owner.
    1. IAP digital objects are being created at the time of purchase by code that the developer wrote and as such, owns.
    2. IAP spoofing allows a user to use the objects that the developer owns.
    3. Therefore, IAP spoofing breaks the exclusive access of the owner.
  7. IAP spoofing is non-consensual.
    1. The terms of exchange are set for the IAP model: money for the digital object.
    2. IAP spoofing is changing the model by not transferring the money, but still getting the object.
    3. It is a non-consensual change of the terms of exchange because the other party cannot consent to a change if they have no knowledge of it.
    4. Therefore, IAP spoofing is non-consensual.

Therefore, because IAP spoofing non-consensually breaks exclusive access of the owner, IAP spoofing is stealing.

Even if you don’t buy into the idea of “virtual objects,” there is already some kind of basic sense of ownership in the way of database storage/inventory storage in apps and games. The idea of virtual objects just makes the argument’s conclusions stronger because digital objects should be thought of in the same way in regards to “realness” as physical objects.

The consequences of the conclusions of this argument mean that IAP spoofing legal rulings could fall under precedents set by existing theft laws, but also may need further clarifications to make it more specific to this cybercrime. Further inquiry into cyber and behavioral mitigation must be done to know how to effectively treat this issue.

Other Philosophy Posts

Asexuality, Attraction, and Desire

A philosophical account of asexuality, sexual attraction, and sexual desire.

Theoretical Virtues of Major Theories of Time

In this paper, I have two main goals. The first of which is to develop an account of why people believe or choose to believe certain scientific and/or metaphysical theories, with an focus on theories of time. In particular, I will argue that people choose to believe intuition-preserving theories of time (intuition-preservation as a theoretical virtue). Additionally, I consider if this is a good thing or not, and whether people should evaluate theories on the basis of intuition-preservation. The second goal is to use the developed account to examine the theoretical virtues of some of the most popular competing metaphysical theories of time, namely: Presentism, Growing Block Theory, and Eternalism.

Uprooting the Flame

In this paper, I will argue that, following the advice of the Buddhists and Stoics, we should extirpate anger from ourselves for the betterment of ourselves, and to a greater extent, our society. First, I will describe the Aristeolian “containment” view of anger. Then I will present an argument that anger is a categorically negative emotion. Next, I will consider a common objection, of which I think is the strongest pro-anger argument, that anger is actually good because it is a necessary moral emotion, especially in responding to instances of injustice. Finally, I will show why this is not a satisfactory explanation by arguing for grief, rather than anger, as a way to motivate against injustice.

Holes (Pretty Good Movie/Pretty Tough Ontological Question)

In this essay I argue that holes cannot exist.

Evaluating Anti-Platonist Approaches to Mathematics

In this paper, I will first explain Platonism and its relation to mathematics and reconstruct arguments against it to show how mathematical objects ultimately cannot exist. I will then explore logicism and formalism in order to critically evaluate how they create truth for mathematical propositions and the problems that they have that could or should prevent mainstream philosophical adoption. Finally, I will explain Benacerraf’s structuralism and why I think it is the best Anti-Platonist explanation for the philosophical foundation of mathematics.

Comments