Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Google clarifies commercial spyware ban for Play store

Antone Gonsalves | April 3, 2014
Google has made it clear that commercial Android apps sold on the Play store are not allowed to secretly track user activity.

On the security side, the Federal Trade Commission has been taking a growing interest in how mobile app developers protect user personal information.

The commission announced Friday that it had settled a complaint that accused Fandango and Credit Karma of failing to take "reasonable steps" to secure personal information when transmitting it over the Internet.

The complaint charged both companies with disabling SSL certification validation, which left their apps vulnerable to man-in-the-middle attacks, particularly over public Wi-Fi networks.

Fandango, an online movie ticket seller, transmitted credit card details, email addresses, passwords and other information insecurely. Credit Karma, a personal finance site, did the same with social security numbers, credit scores and other credit report details.

The settlements require the companies to correct the security problems and to undergo independent security assessments every other year for the next 20 years, the FTC said.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.