Since 2014, Amazon and the US Federal Trade Commission (FTC) have been battling it out in court over in-app purchases of virtual goods.  The FTC charged that the retail giant had billed parents for in-app purchases made by children without the account holders’ consent─a process that violated Section 5 of the FTC Act, which prohibits unfair or deceptive commercial practices. The protracted legal fight has finally ended, with the courts agreeing with key elements raised by the FTC.

The actual cost to Amazon is still in question, but it will be quite high. The FTC had claimed that Amazon earned US$86 million from in-app purchases during the time period in question, and roughly 42% were unauthorized. However, the court rejected that estimate as being too high, so new figures are being worked up.

Of course, this is not the first time that regulators have put a spotlight on unauthorized in-app purchases.  The scrutiny began in earnest in 2011 with a call for regulators to investigate in-app purchases–more specifically, purchases of Smurfberries. The FTC responded, initiating an inquiry into how app stores handled the purchase process. Settlements with both Google (US$19 million in consumer refunds) and Apple (US$32 million in consumer refunds) followed, and now a settlement with Amazon will be added to the mix.

It’s clear that the FTC is now fully immersed in the in-app purchase business model. It has examined the stores and a wide variety of apps intended for children. It understands the various types of virtual goods available for sale, the price ranges, parental controls, how a purchase is handled, how and where disclosures about purchase are made, and the volume of complaints that can arise when parents aren’t in control of the process. (In its initial filing against Amazon, the FTC noted that shortly after launching in-app purchases, one Amazon app store manager described the level of complaints to be “near house on fire.”)

So how can developers allow users to purchase goods through an app while still keeping their feet from the flames?

1. Know the rules

Marketing to children is subject to robust regulations and industry self-regulation. The sensibilities and frameworks laid out in the rules are designed to take into account the cognitive abilities and limitations of young users, and to ensure that marketing doesn’t take advantage of them. When courting kids, it’s also important to implement measures that protect children from your own marketing measures. It can be complicated. However, when applied well, the rules can actually result in more creative, balanced and successful marketing than some campaigns intended for adults.

2. Create a responsible purchase process

The app stores have changed over the years through increasing their disclosures about in-app purchases and requiring passwords to be entered in advance of purchases. However, while the buying mechanism is controlled by the platform, the incentive to purchase sits within the app itself. The entire purchase funnel falls under the purview of the regulators, meaning transparency and control are critical design elements. So when mapping out the purchase flow, consider having reminders to have consent from the bill payer, as well as a design, that mitigates the risk of a user accidentally purchasing the highest-priced item.

3. Remember the parent

The app may be intended for a child, but the parent is still the gatekeeper. Use the space in the app store to clearly and comprehensively describe your product. The stores now require a certain amount of disclosure about in-app purchases, so make it easy for parents to understand what else his or her child will find.

When creating kids apps, developers take on the responsibility of providing its users with special protections. Start by simply learning the fundamentals. The rules and guidelines have been in existence for decades and have stood up well over time. The way they’re implemented across different media and expressed through varied creative executions can be very fluid, but the cost of ignoring the basics is simply too high.

Linnette Attai is the founder of PlayWell, LLC, a compliance consulting firm that guides companies in the US and overseas through the regulatory and self-regulatory environments surrounding digital and mobile privacy, user safety, security, product development, content, advertising and marketing.