Thursday, March 28, 2024

Tech industry asked for advice about tightening security on app development

Tech industry specialists are being asked by the Government for advice about enhanced security and privacy requirements for firms running app stores and developers making apps.

The calls comes after publication of a new report on the threats in app stores published today by the National Cyber Security Centre. It shows people’s data and money are at risk because of fraudulent apps containing malicious malware created by cyber criminals, or poorly developed apps which can be compromised by hackers exploiting weaknesses in software.

Millions of people use apps every day to shop, bank and make video calls and the UK app market is worth £18.6 billion – but there are few rules governing the security of the technology or the online stores where they are sold.

Under new proposals, app stores for smartphones, game consoles, TVs and other smart devices could be asked to commit to a new code of practice setting out baseline security and privacy requirements. This would be the first such measure in the world.

Developers and store operators making apps available to UK users would be covered. This includes Apple, Google, Amazon, Huawei, Microsoft and Samsung.

The proposed code would require stores to have a vulnerability reporting process for each app so flaws can be found and fixed quicker. They would need to share more security and privacy information in an accessible way including why an app needs access to users’ contacts and location.

Cyber Security Minister Julia Lopez said: “Apps on our smartphones and tablets have improved our lives immensely – making it easier to bank and shop online and stay connected with friends.

“But no app should put our money and data at risk. That’s why the Government is taking action to ensure app stores and developers raise their security standards and better protect UK consumers in the digital age.”

The NCSC report found all types of app stores face similar cyber threats, and the most prominent problem is malware: corrupted software which can steal data and money and mislead users.

For example, last year some Android phone users downloaded apps which contained the Triada and Escobar malware on various third-party app stores. This resulted in cyber criminals remotely taking control of people’s phones and stealing their data and money by signing them up for premium subscription services without the individual’s knowledge.

The NCSC report concludes the government’s proposed code of practice will have a positive impact and reduce the chances of malicious apps reaching consumers across different devices.

NCSC Technical Director Ian Levy said: “Our devices and the apps that make them useful are increasingly essential to people and businesses and app stores have a responsibility to protect users and maintain their trust.

“Our threat report shows there is more for app stores to do, with cyber criminals currently using weaknesses in app stores on all types of connected devices to cause harm. I support the proposed Code of Practice, which demonstrates the UK’s continued intent to fix systemic cybersecurity issues.”

The code follows a government review of app stores launched in December 2020 which found some developers are not following best practice in developing apps, while well-known app stores do not share clear security requirements with developers.

The app stores call for views is part of the government’s £2.6 billion National Cyber Strategy to ensure UK citizens are more secure online and is alongside other tough UK safeguards for people using internet-connected devices.

It is also part of the government’s work leading international efforts to raise awareness on the need for security and privacy requirements for apps to protect users.

A message from the Editor:

Thank you for reading this story on our news site - please take a moment to read this important message:

As you know, our aim is to bring you, the reader, an editorially led news site and magazine but journalism costs money and we rely on advertising, print and digital revenues to help to support them.

With the Covid-19 pandemichaving a major impact on our industry as a whole, the advertising revenues we normally receive, which helps us cover the cost of our journalists and this website, have been drastically affected.

As such we need your help. If you can support our news sites/magazines with either a small donation of even £1, or a subscription to our magazine, which costs just £31.50 per year, (inc p&P and mailed direct to your door) your generosity will help us weather the storm and continue in our quest to deliver quality journalism.

As a subscriber, you will have unlimited access to our web site and magazine. You'll also be offered VIP invitations to our events, preferential rates to all our awards and get access to exclusive newsletters and content.

Just click here to subscribe and in the meantime may I wish you the very best.








Latest news

Related news