Singapore has released guidelines designed to help developers adopt the necessary security controls and best practices to safeguard users against common malware and phishing attacks. Called Safe App Standard, it offers a common benchmark that guides local developers on steps to take to enhance mobile app security, according to the Cyber Security Agency of Singapore (CSA). The move aims to boost the security posture of mobile apps in Singapore and protect user data and app transactions, the government agency said. Citing figures from its 2022 Cybersecurity Awareness Survey, CSA said 80% of respondents had installed utility apps such as banking, e-commerce, and transportation apps on their mobile devices. “With increasingly prevalent mobile app usage, many users could be exposed to potential risks such as monetary loss and unauthorized access to their confidential data,” it said. The Safe App Standard is designed for apps that perform high-risk transactions, or apps that allow transactions with some or full access to the user’s financial accounts. This data, if compromised, can result in significant monetary losses, the agency said, adding that such transactions involve changes to financial functions, including registration of third-party payee details and increase of fund transfer limit. The 46-page Safe App Standard document outlines steps to take across four key areas commonly targeted by threat actors, namely, authentication, authorization, data storage, and anti-tampering and anti-reversing. The standard was designed based on references from established industry standards, CSA said, including Open Web Application Security Project, Payment Card Industry Data Security Standard, and the European Union Agency for Network and Information Security. It also was finetuned on consultation with various organizations, including local government agencies, financial institutions, e-commerce operators, consultancies, and technology vendors. While the guidelines are not mandatory, CSA is encouraging app developers in Singapore to adopt the recommended standard to ensure their apps are secure and their users protected when performing online transactions. The standard will help developers “design for security”, including built-in malware detection capabilities, and reduce the risk of threat actors exploiting weaknesses in apps, said communications and information minister Josephine Teo. She said the standard could be mandated in the future if it is proven to be useful. CSA added that the standard will be updated as the threat landscape evolves.
Related Posts
Google Messages Unveils Colorful Redesign with Familiar Feature
- admin
- November 30, 2023
- 0
The new features coming to Google’s Messages app include Photomoji, Screen Effects, Custom Bubbles, Reaction Effects, Animated Emoji, and Profiles. These features were introduced as […]
The Vanishing Metaverse: How Generative AI Is to Blame
- admin
- November 10, 2023
- 0
The metaverse has quickly lost its “front page standing” in the technology news landscape, sinking into obscurity two years after dominating the headlines. According to […]
Introducing Eve’s Revolutionary Matter-over-Thread Smart Outlet – A Game Changer for Smart Homes
- admin
- December 18, 2023
- 0
Eve Systems has launched new Matter-enabled products, including the world’s first Matter smart outlet. It is a $50 smart outlet that replaces a standard dual […]