To encourage software developers to take cybersecurity seriously, Google is starting to highlight which Android VPN apps have undergone an independent security audit.
In the Google Play Store, the company has begun placing a new “Independent Security Review” badge on VPN apps that have already been inspected. You can find this certificate in the “Data Security” section of programs that are eligible.
Receiving the badge means the app has been tested against basic security criteria that Google helped develop with other cybersecurity partners. The company added: “This indicates to users that an independent third party has verified that developers have designed their apps to comply with at least the industry’s mobile privacy and security best practices, and that developers have made additional efforts to identify and mitigate They have vulnerabilities.” Blog post on Thursday
(Google)
Crossing the bar doesn’t seem like much. For example, the security rubric includes several levels for each category. But to get the badge, an app only needs to pass “Level 1” requirements, which include ensuring data is encrypted when in transit over the Internet and requesting a minimum set of software licenses necessary to operate.
Google “While certification of basic security standards does not mean that a product is free of vulnerabilities, the badge associated with these accredited programs helps users understand at a glance that a developer has prioritized security and privacy practices and The safety of the user is committed. He said in justification of the approach. To continue receiving the badge each year, app developers must also complete another annual independent audit.
Currently, Google places this badge on VPN apps first “due to the significant amount of sensitive user data these apps handle.” If you search for a VPN app through the Play Store, a banner will appear informing users about the new “Independent Security Check” badge and its importance.
Recommended by our editors
(Google)
VPN apps like NordVPN, ExpressVPN, and Google One have already been certified by independent inspections. The company hasn’t said when it will roll out the badge to other category apps. But its arrival may raise questions about whether Google mandates audits for some Android software makers, or whether Google Play’s ranking favors apps that have earned the badge. Currently, the company’s FAQ says on the badge: “Currently, we have no plans to mandate certification for app developers.”
The FAQ adds that developers can expect to pay certified testing labs between $3,000 and $6,000 when requesting an audit.
Like what you read?
Register for Security Watch Newsletter for our top privacy and security stories delivered straight to your inbox.
This newsletter may contain advertisements, deals or affiliate links. Subscribing to the newsletter indicates your consent to our terms of use and privacy policy. You can unsubscribe from the newsletter at any time.
#Google #shows #Android #apps #passed #security #check
Image Source : www.pcmag.com