Mobile Application Security Assessment

Overview

Investing in mobile security is critical to ensuring app safety for Google Play's billions of users. OWASP (the Open Web Application Security Project) has established itself as a highly respected industry standard for mobile application security. Its published set of security requirements, the Mobile Application Security Verification Standard (MASVS), provides a set of baseline security criteria for developers. Along with its published set of testing criteria, the Mobile Application Security Testing Guide (MASTG), OWASP offers an objective means for developers to have their apps evaluated against a common standard. Developers can work directly with a Google Authorized Lab partner to initiate the security assessment. Through MASA, Google will recognize developers who have had their applications independently validated against a set of MASVS Level 1 requirements.

Figure 1: MASA framework

Benefits

Performing regular security testing can help developers identify key vulnerabilities in their apps. Google Play will allow developers who have completed independent validation to showcase this in their Data safety section. This helps users feel more confident about an app's commitment to security and privacy.

Disclaimer

MASA is intended to provide more transparency into the app's security architecture; however, the limited nature of testing does not guarantee complete safety of the application. This independent review may not be scoped to verify the accuracy and completeness of a developer's Data safety declarations. Developers remain solely responsible for making complete and accurate declarations in their app's Play store listing.

FAQs

Click here to learn more about MASA and see answers to common questions.