When children unexpectedly run up huge in-app purchasing bills, a lot of people blame the parents, and not the real culprit, Apple:
-
Caching credentials for ease of use is the default, so there is no way to learn about this dangerous behavior.
-
Apple requires caching to be active when you want the convenience of updating your apps without entering your password.
-
Even though caching can be convenient, I doubt that there are many people who intend to spend more than $10 this way. Being able to spend hundreds without any further confirmation is utterly unexpected.
Before blaming parents, one must understand that iOS customers are now mainstream, much less tech savvy than Mac customers used to be, and many were utterly unprepared for what could happen, and probably failed betrayed by Apple.
As I have said before, Apple benefits from these faults. And while I doubt these happen intentionally, at least not from the leadership, they better should hurry up fixing this.
I now believe the best fix would be to set a limit how much you can spend with a cached authentication, give it options of $0, $10, $20 and $50, and make $0 the default. In addition, Apple needs to understand that iTunes accounts are targets for fraud, including from store purchases, and improve their anti fraud measures so unusually high spending is caught before it becomes a problem.