The government is planning to create an app-certification or rating agency on lines of the Bureau of Indian Standards (BIS) and the Food Safety and Standards Authority of India (FSSAI), which will help users get key details about an application like its creators, key features and how it uses or processes user’s data or even stores it.
The Department of Telecommunications (DoT) is working on creating a security roadmap for the digital infrastructure in the country, which is part of government’s programme to create a $1-trillion digital economy. The DoT is at present deliberating with various stakeholders including private players on how to move ahead in this direction, a source said.
“The idea behind creating an app-rating or certification agency on the lines of BIS or FSSAI is that today there is no single platform where a user can check the security features of an app or how safe it is. One can find out the popularity on App Store or Play Store, but to check whether an app is safe to use in terms of data processing or storing it, one has to depend on user reviews, which can be manipulated,” the source added.
A senior government official explained that to create a $1-trillion digital economy it is imperative that India has a roadmap for what needs to be done. A crucial component of this would be security of digital infrastructure. “This road map will have all the components. For instance, in case of users, the government wants to create a one-stop security grievance redressal system as well as a security incidence response team. Separately, we now have a central equipment identity registry, which is also part of this road map,” he added.
Telecom will be the platform on which companies will leverage technologies like artificial intelligence, machine learning, block chain, 5G and IoT. Keeping this in view, the government wants to ensure that digital infrastructure is safe and secure. Private players will be playing a very crucial role in this journey, the official said.
On these lines, DoT has already set up a security lab at the National Centre for Communication Security (NCCS), Bengaluru. Similarly, a security lab is also in the process of being established at the Telecom Engineering Centre (TEC). The government will also set up more such labs for mandatory testing and certification of telecom equipment.
A top official working with a cyber security firm, which works frequently with law enforcement agencies, said with data becoming the mainstay of the digital economy, it’s only a matter of time before governments across the world will put more stress on security features of apps, especially how it processes data, stores it or shares it with third parties.
“The digital world is highly dynamic and it makes sense to create an agency which tracks the app eco-system. Today, there is no institutional way of having this, but going ahead with more dollars riding on apps and services they will offer, having a mechanism to ensure user’s safety is a no brainer,” the official, who wished not to be quoted as he is not authorised to speak with the media, added.