Apple mainly checks for obvious malware API calls on device, it would really be out of its scope to check the backend security for every app ever.