UK Government Rolls Out Security Guidance for Mobile AppsNew Guidelines Call for 8 Separate Standards to Enhance Security and Privacy
The U.K. government on Friday released voluntary code of practice that urges app store operators and app developers to upgrade their security and privacy practices. The new guidelines will be monitored for compliance.
The guidelines, which come from the Department for Digital, Culture, Media & Sport, tell operators and developers to ensure that apps receive updates to fix security vulnerabilities and call for every app developer to establish a vulnerability disclosure process.
In all, the guidance asks industry to observe eight separate standards that also include ensuring that awareness of personal data breaches carries over to other industry players including software development kit developers.
The department says it will begin asking app store operators in early 2023 whether they observe the guidelines and will solicit written responses in the spring.
"Consumers should be able to trust that their money and data is in safe hands when using apps, and these measures will not only boost our digital economy but also protect people from fraud," said Julia Lopez, the Conservative member of Parliament who heads the department.
Although app platforms such as Apple Store and Google Play Store have security policies in place for apps placements on their platforms, a government investigation says that malicious apps have appeared in them despite vetting processes meant to ensure the safety of downloads.
Apple and Google operate the best-known app stores, but government-commissioned research from internet of things security firm Copper Horse identified 111 stores across the globe that include apps for a variety of devices, including smart TVs and wearable devices.
The guidance is the outcome of a public consultation launched in May that received 59 responses, the majority of which were positive.