Tougher consumer protections against malicious apps


Millions of people use apps every day to shop, bank and make video calls and the UK app market is worth £18.6 billion. But there are few rules governing the security of the technology or the online stores where they are sold.

A new report on the threats in app stores published today by the National Cyber Security Centre (NCSC) shows people’s data and money are at risk because of fraudulent apps containing malicious malware created by cyber criminals or poorly developed apps which can be compromised by hackers exploiting weaknesses in software.

To provide better protection for consumers, the government is launching a call for views from the tech industry on enhanced security and privacy requirements for firms running app stores and developers making apps.

Under new proposals, app stores for smartphones, game consoles, TVs and other smart devices could be asked to commit to a new code of practice setting out baseline security and privacy requirements. This would be the first such measure in the world.

Developers and store operators making apps available to UK users would be covered. This includes Apple, Google, Amazon, Huawei, Microsoft and Samsung.

The proposed code would require stores to have a vulnerability reporting process for each app so flaws can be found and fixed quicker. They would need to share more security and privacy information in an accessible way including why an app needs access to users’ contacts and location.

Find out more here