Member
- Joined
- Oct 14, 2023
- Messages
- 225
- Thread Author
- #1
Now developers can test their app for durability to get the coveted mark in Google Play.
Google is taking new steps to improve the security of user data on Google Play, adding a special mark "Independent security review"(Independent security review) in the "Data Security" section.
Developers can now subject their Android apps to an independent security assessment based on the MASA ( Mobile Application Security Assessment) standard, which will allow end users to be confident in the quality of applications before downloading them. The first applications that passed the security check were VPN clients, as they work with a large amount of confidential information.
MASA is an initiative that allows conducting security audits of mobile applications in accordance with international standards, including MASVS (Mobile Application Security Verification Standard). Apps that have passed this audit get the opportunity to put a mark in the Play Market, which serves as proof of high security standards for users.
Google's goal is to make the Data Security section a comprehensive source of information about app security, including the type and purpose of data collection, and whether information is shared with third parties.
Developers who want to increase trust in their applications can contact one of the six authorized labs. After testing the public version of the app and fixing the identified security issues, the lab will send a review report to Google. If approved, developers can add the tag to their apps. According to Google, on average, the process from the initial assessment to getting a mark takes about 2-3 weeks
Google emphasizes that independent certification confirms the developer's commitment to adhere to the best practices in the field of security and privacy. However, the company also warns that even after certification, applications may contain some vulnerabilities, since no security system can be completely protected. Therefore, constant attention to security on the part of developers remains a key factor for protecting user data.
Google is taking new steps to improve the security of user data on Google Play, adding a special mark "Independent security review"(Independent security review) in the "Data Security" section.
Developers can now subject their Android apps to an independent security assessment based on the MASA ( Mobile Application Security Assessment) standard, which will allow end users to be confident in the quality of applications before downloading them. The first applications that passed the security check were VPN clients, as they work with a large amount of confidential information.
MASA is an initiative that allows conducting security audits of mobile applications in accordance with international standards, including MASVS (Mobile Application Security Verification Standard). Apps that have passed this audit get the opportunity to put a mark in the Play Market, which serves as proof of high security standards for users.
Google's goal is to make the Data Security section a comprehensive source of information about app security, including the type and purpose of data collection, and whether information is shared with third parties.
Developers who want to increase trust in their applications can contact one of the six authorized labs. After testing the public version of the app and fixing the identified security issues, the lab will send a review report to Google. If approved, developers can add the tag to their apps. According to Google, on average, the process from the initial assessment to getting a mark takes about 2-3 weeks
Google emphasizes that independent certification confirms the developer's commitment to adhere to the best practices in the field of security and privacy. However, the company also warns that even after certification, applications may contain some vulnerabilities, since no security system can be completely protected. Therefore, constant attention to security on the part of developers remains a key factor for protecting user data.