ioXt Alliance Expands Authentication Program for Mobile and VPN Security–Google and Other Support

The Internet of Secure Things Alliance (ioXt Alliance), which operates the IoT security certification program, announced that it will expand the security certification program for mobile apps and virtual private networks (VPNs). The new program includes a set of security-related criteria, “Mobile Application Profiles,” to determine whether an app can be authenticated. This profile, or mobile app metric, also includes additional requirements for VPN applications. Google and Amazon have joined forces with accredited labs such as NCC Group and DEKRA and security test vendors for mobile apps such as NowSecure to develop this standard. The company’s VPN, which is part of the Google One service, was one of the first VPNs to be certified based on this standard. Mobile app developers can authenticate their apps based on a set of security and privacy requirements. The ioXt Alliance has a wide range of talent across the technology industry, including talent from companies such as Amazon, Comcast, Facebook, Google, Legrand, Resideo Technologies, Schneider Electric, T-Mobile, Zigbee Alliance and Z-Wave Alliance. Over 300 members are members. Approximately 20 industry leaders, including Amazon’s chief security architect Amit Agrawal and Google’s strategic partnership team Brooke Davis, helped develop the requirements for this profile. They are the vice chairs of the group that created the profile. The profile’s certification criteria include insecure interfaces, automatic updates, secure password management, default security checks, and an assessment of whether the software is validated. Also, the vulnerability reporting program and the policy around the end of support will be considered. According to Davis, the ioXt Alliance is already conducting security checks on IoT devices and has decided to include apps that manage these devices as well. “We’ve got a response that IoT and VPN developers are interested, but the standard also applies to cloud-connected services such as social apps, messaging apps, fitness apps, and productivity apps,” Davis said. You can do it. ” Examples of authenticated consumer VPNs include Google One (which incorporates VPN services), “ExpressVPN for Android”, “NordVPN”, “McAfee Innovations”, “OpenVPN for Android”, “VPN by Private Internet Access”, and “VPN Private”. Can be mentioned. Given that malicious VPNs have been removed from the Google Play store several times in the past, VPN app authentication can be good news for Android device owners.