Google Play Store Instigates Security Audit Badges for VPN Services
02 Nov, 2023
The Google Play Store has revised its procedures to allow users to identify if VPN applications available on the platform have undergone independent security assessment. This has been facilitated through the introduction of Mobile App Security Assessment (MASA) guidelines. Apps that have met the standards set by these guidelines, an initiative of the App Defense Alliance (ADA), will now display an 'Independent Security Review' badge in the Data Safety section.
Google elucidated in a blog post that apps need to meet certain criteria around cybersecurity aspects such as data privacy and storage, cryptography, authentication, networking authorization, and coding to successfully pass the MASA assessment.
Earning the badge, however, involves getting the app assessed by a select group of independent cybersecurity firms recognized by the tech mammoth. These include Bishop Fox, Dekra, and NowSecure.
Security reviews by independent firms are valuable to VPN providers and users alike as they reinforce trust by confirming the app's capability to protect user data and online activity. This includes ensuring that user data is not erroneously exposed due to security shortcomings or intentionally mishandled. Several renowned VPNs, including ExpressVPN, NordVPN, and Google One, already boast the security review badge. However, some MASA-certified VPNs are yet to feature the badge on their Play Store listing.
For an app to be considered for this independent security review, developers need to fill out an application form provided by Google. This initiative is part of Google's commitment to enhance the safety of its service platform, with the ultimate goal of making Android the safest mobile platform.
These measures come after concerns about the presence of malicious apps on the Play Store, along with deceptive VPN services that either contain malware or compromise user privacy. Falsely advertised as free, these VPN services can be hazardous to unsuspecting users.