Google conducts reviews on apps submitted to the Play Store to ensure they comply with Google’s policies and do not contain malicious code. Unfortunately, as we have seen in the past, some apps do slip through the cracks which means by the time it’s discovered, it might be too late.
The good news is that Google has since announced a new Play Store initiative that will make it easier for users to discover apps that are secure. This will be done through a new “Independent Security Review” badge for certain apps that have met the security and privacy standards set by the industry.
Apps that have this badge means that they have been reviewed by MASA (Mobile App Security Assessment) created by the App Defense Alliance (ADA) last year. According to Google:
“This signals to users that an independent third-party has validated that the developers designed their apps to meet these industry mobile security and privacy minimum best practices and the developers are going the extra mile to identify and mitigate vulnerabilities. This, in turn, makes it harder for attackers to reach users’ devices and improves app quality across the ecosystem.”
Google does note that just because an app has this badge does not mean that it is free from vulnerabilities. This would be near impossible because developers cannot anticipate every single scenario, but at the very least users will now be able to easily identify apps whose developer has prioritized security and privacy practices.