The new feature is the latest in line with increasing security and precautionary measures by Google to keep malicious Android apps away from its Play Store.
Google Play has introduced a new feature to inform users looking for reliable VPN (virtual private network) apps if the apps have undergone an independent security review. The new feature will add an Independent Security Review badge at the top of the Google Play search results page when users search for VPN apps.
This badge will ensure the app has been scanned through an independent security review. That’s not all! The banner will provide additional information under the Learn More option, which will redirect them to the App Validation Directory, providing technical assessment details so that users can make informed decisions when downloading VPNs.
The certification can be checked in the app’s Data Safety section on Google Play Store. Its presence means the application has been tested against pre-determined security criteria, which Google has developed with several cybersecurity partners.
The badge will inform users that the app has been verified and validated by an independent third party and meets the minimum best practices standards of the industry’s mobile security and privacy guidelines. It will also indicate that the app’s developers will identify/mitigate vulnerabilities promptly.
For your information, in 2022, the App Defense Alliance (ADA) launched the Mobile App Security Assessment (MASA) to let developers evaluate their apps independently against a strict global security standard.
This serves as an assurance for users that app developers are following best practices for privacy and security. Successful validation will allow the developers to display the badge in their app’s Data Safety section. This addition will make it more challenging for cybercriminals to access users’ devices through compromised apps and improve the app’s quality.
Although adhering to “baseline security standards” won’t guarantee that the app will be vulnerability-free, the badge will serve as a “visual cue” for users that it has been scanned and validated.
The new feature has been rolled out for VPN apps and selected app categories as the company wants to secure sensitive apps initially. VPNs hold a substantial volume of data as they are primarily used for searching and accessing websites. In a blog post, Nataliya Stanetsky, Android Security and Privacy Team wrote that:
“VPN providers such as NordVPN, Google One, ExpressVPN, and others have already undergone independent security testing and publicly declared the badge showing their good standing with the MASA program. We encourage and anticipate additional VPN app developers to undergo independent security testing, bringing even more transparency to users.”Google
This is a proactive move to enhance app security and protect user data, underscoring the company’s commitment to improving cybersecurity in the digital space. Users are generally unaware of the risks associated with VPN apps. Many of these apps can be designed to collect sensitive device or user data and may even inject malware onto their devices.
- Google Makes Passkeys Default for All Users
- Google offers Dark Web monitoring for US Gmail users
- Google Buys Cyber Security Firm Mandiant for $5.4 Billion
- Google Chrome to Mask User IP Addresses to Protect Privacy
- Google Introduces Bug Bounty Program for Open-Source Software
- Google Removes Swing VPN Android App Exposed as DDoS Botnet
- Google’s Latest Android Feature Drop: Dark Web Search for Gmail ID
- Essential Insights on Google Cloud Backup and Disaster Recovery Service