Dalam upaya untuk menghindari munculnya berbagai aplikasi Google Android yang dikembangkan oleh pengembang independen pada Pasar Android yang dapat merugikan keamanan para pelanggan, maka Google telah menghapus serangkaian aplikasi2 baru yang mencurigakan, yaitu aplikasi yang dikembangkan oleh pengembang dengan kode 09Droid.
Pengembang ini memakai brand institusi perbankan yang terkenal, seperti Chase, Sun Trust dan Bank of America, namun tanpa izin dari institusi perbankan tersebut. Kasus ini mirip dengan kasus penggunaan nama yang mirip Bank BCA untuk menjebak para pelanggan untuk membuka rahasia account mereka agar rekening mereka dapat dibobol, seperti yang terjadi di Indonesia beberapa tahun yang lalu.
Google bertindak cukup sigap, sebelum para pengembang yang mencurigakan itu dapat melakukan kejahatan untuk membobol rekening para nasabah Android, maka pengembang2 yang mencurigakan tersebut langsung diblokir karena melanggar aturan Google untuk para pengembang aplikasi independen.
Google has removed a series of suspicious mobile applications from the Android Market. Google says the applications were taken down for violating the site's use policy by using the names of banks without their permission.
Google has removed several banking applications from its Android Market mobile application store for violating Google's terms of use.
The presence of the applications in question, which according to those with direct knowledge of the situation did not misuse or steal user information, has nonetheless triggered concern among users. The applications were created by a developer known as 09Droid and used the names of various banks, including Chase, Sun Trust and Bank of America.
"The Android Market Content Policy clearly states that we don't allow applications on Android Market to identify themselves with third-party marks without permission," a Google spokesperson told eWEEK. "If an application violates the content policy, we will remove it from Android Market, and developer accounts will be terminated for repeated violations."
First Tech Credit Union warned customers Dec. 22 that a "fraudster developed a rogue Android Smartphone app" that created a shell of mobile banking applications and tried to gain access to consumer information. A similar warning from BayPort Credit Union came the same day; BayPort Credit Union's mobile bank provider, MShift, notified Google of their concerns Dec. 15.
Google said its use policies have provisions designed to strike a balance between providing security and lowering barriers to developers making applications available to users. While applications are not reviewed before appearing on the Android Market, they are taken down if they violate the terms of use.
"For example, we have a policy against inappropriate content, which includes malware," the Google spokesperson said. "A developer must also abide by our Developer Distribution Agreement in order to upload an application to Android Market. We also may check applications for compliance with the Market Content Policies (in order to remove malware, porn, spam, or profanity)."
Mikko Hyppönen, chief research officer at F-Secure, predicted that there will likely be more rogue applications on mobile devices.
"Some of them will try to target online banking, others will try to call premium-rate numbers or send text message spam and so [on]," he said in an e-mail to eWEEK. "Signing and certifying programs are in a key position on smartphone systems to prevent problems like this ... [although] we have seen the 'Signed by Symbian' certification process subverted a couple of times." (source: eWEEK)
Post a Comment