Google will label Android apps that go through a security audit. The new badge highlight is beginning to appear on VPN apps in the Google Play Store that have passed an independent security audit. Google is beginning to indicate which Android VPN apps have undergone an independent security audit in order to persuade software developers to take cybersecurity seriously.
Google will label Android apps that go through a security audit
The company has begun to place a new “Independent security review” mark on VPN apps that have already undergone the audit on the Google Play Store. The certification is available in the “Data safety” section of qualified apps.
A badge indicates that the app has been assessed against a set of security criteria developed by Google in collaboration with other cybersecurity partners. “This signals to users that an independent third party has validated that the developers designed their apps to meet these industry mobile security and privacy minimum best practises and the developers are going the extra mile to identify and mitigate vulnerabilities,” the company stated in a blog post.
The bar does not appear to be that high. The security rubric, for example, includes numerous levels for each category. However, in order to obtain the badge, an app must simply meet “Level 1” of the standards, which include ensuring that data is encrypted when transmitted over the internet and seeking the bare minimum of software rights.
“While certification to baseline security standards does not imply that a product is free of vulnerabilities, the badge associated with these validated apps helps users see a glance that a developer has prioritised security and privacy practises and committed to user safety,” Google said in defending its strategy. App developers will also need to go through another annual independent assessment in order to continue earning the badge.
For the time being, Google will only display the badge on VPN apps “due to the sensitive and significant amount of user data these apps handle.” When you search for VPN software in the Google Play Store, a banner will emerge informing consumers about the new “Independent security review” mark and its significance.
VPN apps like NordVPN, ExpressVPN, and Google One have previously passed the independent assessments required to get the label. The business hasn’t stated when the badge will be available for apps in other categories.
However, its debut raises doubts about whether Google will make the audits mandatory for some Android software developers, or whether Google Play rankings will favour apps that obtain the badge. For the time being, the company’s FAQ on the badge states, “At this time, we don’t have plans to make certification mandatory for app developers.”