The Google Play Store now highlights VPN apps with an “independent security review” badge, denoting successful completion of a Mobile App Security Assessment (MASA) audit. This step aims to enhance transparency and user trust in applications.
MASA Standard and Its Impact
This innovation leverages the MASA standard, established by the Application Security Alliance (ADA) initiative, which places stringent demands on mobile app security. It encompasses aspects like data storage, confidentiality, cryptographic techniques, authentication, network security, platform interaction, and source code quality.
Boosting User Confidence
VPN apps dealing with sensitive user data are ideal candidates for this badge within the Google Play Store’s Data Security section. The badge confirms compliance with the MASA standard, validated through an independent audit, and seeks to bolster user confidence in application security.
Supporting VPN Service Claims
VPN services emphasizing their no-logs and user anonymity commitments can substantiate these claims through an independent MASA audit. Conducted by approved cybersecurity partners, the audit assesses source code, server configurations, and potential vulnerabilities affecting online security. Notably, NordVPN, Google One, and ExpressVPN have already received the “peer-reviewed security” badge.
Expanding the Initiative
Additional applications possessing a MASA certificate, albeit not yet listed on the Google Play Store, include Aloha Browser + Private VPN and Private Internet Access VPN. Detailed MASA audit information is publicly accessible in the relevant certification directory.
The list of VPN applications adorned with the “independent security review” badge is expected to grow, further fostering transparency on the Google Play Store, notes NIX Solutions. App developers are encouraged to participate in this initiative by completing an independent security review form.