Google Play issues security warning to app developers

Powered by SC Magazine
 

Devs given 30 days to fix bad apps.

Google Play has issued a letter to developers to address changes in policy to crack down on insecure and dangerous apps.

The letter said that Google had made changes to its policies in regard to ‘dangerous products' that disclose personal information without authorisation and the behaviour of adverts in applications.

Google said that it is providing more detail on the kinds of dangerous products that are not allowed on Google Play, and has added a new section that addresses advert behaviour in apps.

“First, we make it clear that adverts in your app must follow the same rules as the app itself. Also, it is important to us that adverts don't negatively affect the experience by deceiving consumers or using disruptive behaviour such as obstructing access to apps and interfering with other adverts.”

This policy states that adverts are considered part of the app for the purposes of content review and compliance with the developer terms, so all policies, including those concerning illegal activities, violence, sexually explicit content and privacy violations, apply.

Google said it must be clear to the user which app each ad is associated with or implemented in. Adverts must not make changes to the functioning of the user's device outside the ad by doing things such as installing shortcuts, bookmarks or icons or changing default settings without the user's knowledge and consent.

“If an ad makes such changes it must be clear to the user which app has made the change and the user must be able to reverse the change easily, by either adjusting the settings on the device, advertising preferences in the app, or uninstalling the app altogether.”

Also, adverts must not simulate or impersonate system notifications or warnings and adverts associated with an app must not interfere with any adverts on a third-party application, it said.

Research by MWR Infosecurity and Channel 4 News found that some leading applications were sending personal data back from devices to advertising companies without user knowledge and that permissions were granted to the apps when they were downloaded.

Updating its Google Play developer program policy, Google said that it is required to update its policies when it launches new features and when it sees unhealthy behaviour such as deceptive app names and spam notifications.

It has also restricted the use of names or icons that are "confusingly similar to existing system apps in order to reduce user confusion".

It said that any existing apps will be given 30 days to fix and republish the application and after this period, existing applications discovered to be in violation may be subject to warning or removal from Google Play.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition


Google Play issues security warning to app developers
 
 
 
Top Stories
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
What InfoSec can learn from the insurance industry
[Blog post] Another way data breach laws could help manage risk.
 
A ten-point plan for disrupting security
[Blog post] How can you defend the perimeter when it’s in the cloud?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Pass on carbon tax savings, warns ACCC
Jul 24, 2014
The ACCC is warning businesses that supply "regulated goods" to pass on any cost savings ...
Have customers that won't pay debts?
Jul 10, 2014
The ACCC and ASIC have updated their advice when it comes to collecting debts.
Carpet cleaner faces court over online testimonials
Jul 4, 2014
The ACCC has initiated proceedings against A Whistle (1979) Pty Ltd, the franchisor of Electrodry...
You can now get 15GB of free online storage using Microsoft OneDrive
Jun 25, 2014
Cloud storage has reached both the capacity and price where it's a viable alternative to local ...
Another clever trick you can perform with Xero
Jun 25, 2014
Here is another way to reach out to particular subsets of your customers using Xero.
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  21%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1044

Vote