One Article Review
| Source |  GoogleSec |
|---|---|
| Identifiant | 8405886 |
| Date de publication | 2023-11-02 12:00:24 (vue: 2023-11-04 17:08:01) |
| Titre | Plus de moyens pour les utilisateurs d'identifier les applications testées sur la sécurité indépendante sur Google Play More ways for users to identify independently security tested apps on Google Play |
| Texte | Posted by Nataliya Stanetsky, Android Security and Privacy Team
Keeping Google Play safe for users and developers remains a top priority for Google. As users increasingly prioritize their digital privacy and security, we continue to invest in our Data Safety section and transparency labeling efforts to help users make more informed choices about the apps they use.
Research shows that transparent security labeling plays a crucial role in consumer risk perception, building trust, and influencing product purchasing decisions. We believe the same principles apply for labeling and badging in the Google Play store. The transparency of an app\'s data security and privacy play a key role in a user\'s decision to download, trust, and use an app.
Highlighting Independently Security Tested VPN Apps
Last year, App Defense Alliance (ADA) introduced MASA (Mobile App Security Assessment), which allows developers to have their apps independently validated against a global security standard. This signals to users that an independent third-party has validated that the developers designed their apps to meet these industry mobile security and privacy minimum best practices and the developers are going the extra mile to identify and mitigate vulnerabilities. This, in turn, makes it harder for attackers to reach users\' devices and improves app quality across the ecosystem. Upon completion of the successful validation, Google Play gives developers the option to declare an “Independent security review” badge in its Data Safety section, as shown in the image below. While certification to baseline security standards does not imply that a product is free of vulnerabilities, the badge associated with these validated apps helps users see at-a-glance that a developer has prioritized security and privacy practices and committed to user safety.
To help give users a simplified view of which apps have undergone an independent security validation, we\'re introducing a new Google Play store banner for specific app types, starting with VPN apps. We\'ve launched this banner beginning with VPN apps due to the sensitive and significant amount of user data these apps handle. When a user searches for VPN apps, they will now see a banner at the top of Google Play that educates them about the “Independent security review” badge in the Data Safety Section. Users also have the ability to “Learn More”, which redirects them to the App Validation Directory, a centralized place to view all VPN apps that have been independently security reviewed. Users can also discover additional technical assessment details in the App Validation Directory, helping them to make more informed decisions about what VPN apps to download, use, and trust with their data.
|
| Envoyé | Oui |
| Condensat | ability about accordance across ada additional against aligned all alliance allows already also amount android anticipate app apply apps are article assessment associated attackers badge badges badging banner baseline been beginning believe below best blog bolster both bringing building can center centralized certification choices commitment committed community completion consumer continually continue crucial data decision decisions declare declared defense designed details developer developers devices digital directory discover displaying does download due ease ecosystem educates efforts encourage encouraged encouraging even expectations expressvpn extra feature form foster free from give gives glance global going good google handle harder has have heard help helping helps highest highlight highlighting how identify image imply improvements improves increasingly independent independently industry influencing informed initiatives interested introduced introducing invest its keep keeping key labeling last launched learn learning make makes masa meet mile minimum mitigate mobile more more” nataliya navigate needs new nordvpn not now one option other others party perception place play plays please policies policybytes posted posts practices principles prioritize prioritized prioritizing priority privacy process product program programs provide providers publicly purchasing quality reach read redirects remains research resources review reviewed review” risk role safe safety same searches section security see sensitive showing shown shows signals significant simplified specific standard standards standing stanetsky starting store submit succeed successful such team technical tested testing them these third thriving through tools top transparency transparent trust turn types undergo undergone uphold upon use user users validated validation videos view vpn vulnerabilities ways webinars what when where which who will working year “independent “learn |
| Tags | Tool Vulnerability Mobile Technical |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.