TLDRs;
- The European Commission asked Apple, Google, Microsoft, and Booking.com to explain anti-scam measures under the Digital Services Act.
- Regulators are focusing on fake apps, fraudulent accommodation listings, and scam ads across major platforms and search engines.
- Platforms must detail their “Know Your Business Customer” identity verification and share access to advertising repositories.
- The inquiry is not yet a formal proceeding but part of the EU’s broader digital consumer protection framework.
The European Commission has demanded that Microsoft, Apple, Google, and Booking.com provide detailed explanations of how they are addressing financial scams across their platforms.
The move comes under the Digital Services Act (DSA), the landmark EU legislation that sets strict obligations for large online platforms and search engines.
The inquiry spans widely used services, including Apple’s App Store, Google Play, Booking.com, Microsoft’s Bing, and Google Search. Regulators want specifics on how these platforms identify fraudulent content, verify business identities, and mitigate systemic risks from scams that affect millions of EU consumers.
Commission zeroes in on fraud safeguards
According to the Commission, scammers frequently exploit popular platforms to reach victims, impersonating trusted services or luring users into fraudulent transactions. This creates significant risks for both individuals and businesses across the bloc.
For app marketplaces such as the Apple App Store and Google Play, the focus is on fake financial applications that mimic legitimate banking, investment, or trading apps. These clones often trick users into sharing sensitive details or making payments that vanish into fraudulent networks.
On Booking.com, regulators are concerned about fake accommodation listings, where users pay for non-existent rentals or hotels. Meanwhile, Bing and Google Search are being examined for their handling of advertisements and search results that direct users to scam websites.
By gathering information, the Commission aims to evaluate whether existing safeguards are robust enough to block these schemes at scale.
Know Your Business Customer rules
A central issue in the inquiry relates to the “Know Your Business Customer” (KYBC) rules set by the DSA. Platforms must verify the identity of businesses using their services to ensure that bad actors cannot operate under false credentials.
The Commission is pressing the companies to explain how they conduct these checks, particularly in high-risk areas like financial services. Identity verification is seen as a key tool for preventing scams before they reach end users, reducing the risk of fraudulent apps, fake ads, and misleading listings.
Additionally, the Commission has asked platforms to share details of their advertising repositories, databases of all ads that must be accessible to regulators, researchers, and in some cases, the public. These repositories are critical for spotting recurring patterns of scam campaigns and holding fraudulent advertisers accountable.
No formal proceedings yet
While the inquiry is serious, the Commission clarified that it does not constitute the launch of formal proceedings against Apple, Google, Microsoft, or Booking.com. Instead, it is part of the broader supervisory framework of the DSA, which has been enforced since 2023.
The Act currently applies to 25 major online platforms, including Amazon, Facebook, Instagram, TikTok, X, and Temu. To date, formal proceedings have been opened against ten platforms, including AliExpress, TikTok, and Pornhub, but none have yet concluded.
By pushing for transparency, the Commission hopes to close gaps in consumer protection and reduce opportunities for scammers to exploit Europe’s digital ecosystem. The companies under scrutiny are expected to respond with detailed compliance reports in the coming weeks.
Looking ahead
The EU’s actions reflect growing pressure on global tech giants to take responsibility for fraudulent activities that proliferate on their platforms. With scams becoming more sophisticated, regulators are determined to ensure that platforms build stronger defenses and uphold consumer trust.
Whether the inquiry leads to tougher enforcement or future penalties will depend on how Apple, Microsoft, Google, and Booking.com respond to the Commission’s requests and how convincing their safeguards prove to be under the DSA framework.
