IMHO the store has no way of reliably determining whether the 'Tide' you bring is fake or not (that's what courts are for) and therefore should not be responsible.
Generally I understand your anger but I think that the concept of 3rd party responsibility is very dangerous and can create more damage than the fraud it is trying to prevent. If we make companies liable for actions of their clients they will preventively block everything that they are not absolutely sure about which would create huge chilling effect. And we already have one great example - see how widely is DMCA process abused to stifle competition, suppress criticism etc.
All it takes is a phone call. Certainly there is an account number where the money goes or some way to authenticate. I'm actually a little incredulous that Apple didn't try that- to the point of actually wondering if we are getting the whole story here.
I remember this being a big deal a while back in a slightly different way: bootleg hair products. There is pretty good money in ripping off 'for salon sale only' stuff and selling it to retail outlets- but I don't know what the penalties are if caught. And that's not really fraud (on behalf of the retailer)- that's more like violating a TOS.
You call one of them - he claim he has the rights. You call the other - he claims he has the rights. Now what?
And try the other perspective... try to imagine that you are the store owner and now someone makes you responsible for making sure that none of thousands of your suppliers is doing some dirty business... it's going to cost you a lot of money and despite that you can never be certain and you will basically live in constant fear of a lawsuit. That's huge burden on any business and it's very inefficient. That's one of the reasons that we have courts... they have tools that business owners simply do not have and only they can (somehow) reliably determine who is doing legitimate business and who is not.
I verify accounts all the time. By phone. I have an account number. The account number matches. The other guy doesn't have the account number. He fails step one. And that's a dead-simple, no-brainer level of implementation. It seems negligent to not even have that.
Every part of my business is involved in an account- from office supplies to banks to payment solutions.
It's not a huge burden at all for the business- and it's one that they certainly should be willing to bear.
I think it can be clearly shown that there is a reasonable level of expectation that any company would seek to ensure that they are interacting with an agent of a company.
Do you really think that if I were to walk into your bank, say I was you, withdraw all of your money, that you wouldn't be just a little pissed off that the bank simply took my word for it? Hell, I'm the founder of my company and when I withdraw from the company account I have to prove I have the right to do so.
I'll reiterate: this submission may not be telling the entire story. However, if it is, I think Apple should be made to repair damages in a very precedent-setting way, so companies are held to some reasonable behavioral standards.
Generally I understand your anger but I think that the concept of 3rd party responsibility is very dangerous and can create more damage than the fraud it is trying to prevent. If we make companies liable for actions of their clients they will preventively block everything that they are not absolutely sure about which would create huge chilling effect. And we already have one great example - see how widely is DMCA process abused to stifle competition, suppress criticism etc.