-
Third-party validation for apps like VPNs is crucial for user safety.
-
Google’s new Verified badge in the Play Store ensures security for these apps.
-
Specific criteria such as user reviews and encryption must be met for verification.
Choosing an app that fits your needs is usually cut and dry — you install an app, use it or check the reviews, and decide on keeping it or trying out an alternative. However, this can prove risky in some categories, like when you’re looking for a reliable password manager, cloud storage, or a good VPN app. That’s where third party validation comes in, be it from outlets like ours, or independent data security reviewers. Google just announced plans to make VPN app downloads safer for everyone with a verification badge on the Play Store, backed by third-party studies.
Verification of the security claims from an app developer is challenging because there’s always a chance that opinions are skewed to favor certain apps. However, a reliable third-party agency can alleviate these concerns with a non-partial assessment. Google partnered with other tech bigwigs like Microsoft and Meta to create the App Defense Alliance (ADA) that establishes industry standards for user safety, and certifies apps that meet rigid criteria.
VPN apps that meet the ADA’s MASA AL2 standard will receive a new Verified badge in the Play Store. It will show up alongside the app’s user rating, download count, and other stats. This badge is more prominent in the search results too, and should help users who aren’t likely to read the Data safety section already available on every app’s detail page on the store.
Stringent prerequisites for verification
An essential barrier to entry
google-play-vpn-badging-1
To get one of these verification badges, an app would need to be at least 90 days old on the Play Store, with at least 10,000 downloads and 250 user reviews. It should also have a completed Data safety section declaration okaying Encryption in transit and Independent security reviews. The developer needs to have an Organization dev account type, and the app requesting verification should target the required API levels for Google Play apps. Finally, the app must also have MASA Level 2 validation. However, this isn’t an exhaustive list and other factors could affect an app’s certification too.
Google has already certified a few popular apps, like Nord and Aloha Browser. Regular re-certification is necessary for these apps, and we hope to see the verification badge expand to apps in other categories as well, because user safety should always be a primary objective for app devs.