November 4, 2023 at 05:24AM
Google is introducing an “Independent security review” badge in the Play Store’s Data safety section for Android apps. This badge will be given to apps that have undergone a Mobile Application Security Assessment (MASA) audit. The goal is to provide users with more transparency and help them make informed choices about the apps they download. The process takes around 2-3 weeks, and while certification doesn’t guarantee a vulnerability-free app, it shows that developers prioritize security and privacy.
Key takeaways from the meeting notes:
– Google is introducing an “Independent security review” badge in the Play Store’s Data safety section for Android apps.
– The badge is initially being launched for VPN apps due to the sensitive user data they handle.
– Developers can have their apps independently validated against security standards like MASVS through the Mobile Application Security Assessment (MASA).
– The goal is to provide transparency to users and help them make informed choices before downloading apps.
– The Data safety section aims to be a unified view of app safety, providing details on data collection and sharing.
– Third-party app developers can participate by contacting one of the six Authorized Labs partners for security testing.
– Once all requirements are met, a Validation Report is sent to Google, and developers can display the security badge on their data safety form.
– The entire process typically takes 2-3 weeks.
– Certification to security standards doesn’t guarantee that the app is completely free of vulnerabilities.