I think they mean app-side: determining if a user is a bot or not gets harder when you can't tie that user to the datamine'd indicators of their humanity.

Hackernews seems to manage.

We don't move money around or even have private messaging. If the stakes are high enough, users need the service provider to be skeptical of all client processes, because the risk of being impersonated is born, right or wrong, by the user.

If you move money around then the legal system already exists to deal with fraud.

As someone who doesn't use an iphone it's really frustrating that online services are starting to expect one for this reason when it hasn't been necessary in the past.

There's a cost-benefit balance at play: is using the cost of the legal system (lawyers, evidence, courts, long tail on case times) better than developing a system to prevent fraudulent users?

I also wouldn't be surprised if there was a burden of "good faith effort" required to show that you've taken measures to prevent frauds.

There’s legal system that exist to deal with people stealing stuff from my house. But I still have doors, locks, cameras and alarm.

Again, what are you paying the apple cut for? Are you saying bots are buying your fancy messaging app?