Google is actively enhancing user protection on the Google Playstore by introducing Audit Badges for VPN apps that have undergone “Independent security review.”
The new security audit adopts the Mobile App Security Assessment (MASA), a new criteria established last year as an initiative of the App Defense Alliance (ADA).
A new criteria which actively outlines the security standards that mobile applications must adhere to.
These requirements actively reference practices related to data storage and privacy, cryptography, network communication, platform interaction, code quality, as well as authentication and session management.
Google is commencing with VPN Applications, considering the criticality of user’s security and privacy; by implementing these standards.
Due to these sensitive data handled by VPNs, Google Playstore has introduced the “Independent Security Review” badge in the Data Safety section.
SECURITY & TRANSPARENCY:
Google Audit badge will indicate if the VPN app meets the MASA standard, and if it has been independently verified. Google is also adopting this step to increase security transparency and build trust with its users, as Most users employ VPN applications for anonymity while browsing the internet.
In addition, Developers of these VPN assert that they neither retain personal data of users nor reveal their actual IP addresses under any circumstances. To verify these claims, a few VPN providers engage third-party organizations to conduct audits. These audits scrutinize the VPN source codes, server configurations, and identify any bugs that might compromise user anonymity during VPN usage.
Google playstore new Security badge mandates that VPN vendors must also undergo MASA security from a trusted and approved cybersecurity partner. Several VPN providers, including NordVPN, Google One, and Express VPN, have expressed their support for Google’s new request, and have also received their Google play badges.
Other VPN providers such as Tomato VPN, Private Internet Access VPN, Aloha Browser + Private VPN, and Vpnify-Unlimited VPN proxy, also hold a valid MASA Certificate but are yet to receive their badge. Details of these VPN who are on the badge waiting list, can be found here.
Developers of anonymity apps (VPN), are encouraged by Google to participate in this new campaign by submitting their VPN applications for an independent security review using this form.
Furthermore, Google plans to extend this security program to other types of applications in its Play Store. Although Google has not yet disclosed a timeline for the implementation, we at Fixitgearware believe that Google’s efforts to protect its users are commendable and noteworthy.
Please do let us know in the comment section what are your thoughts about this.