The central government may force smartphone makers to remove pre-installed applications and allow mandatory screening of major operating system updates under proposed new security rules. reuters,
Citing two people and a government document seen by the news agency, the report said that India’s IT ministry is considering these new rules, details of which have not been reported earlier, on espionage and misuse of user data. Amid concerns about
A senior government official told the agency on condition of anonymity, “Pre-installed apps can be a weak security point and we want to ensure that no foreign nation, including China, is exploiting it. It is a matter of national security.”
The new rules are likely to push up launch timelines in the world’s No. 2 smartphone market and hurt business with pre-installed apps for players including Samsung, Xiaomi, Vivo and Apple.
The issue of data breaches and risks related to the use of Chinese mobile apps and phones was first highlighted in 2020. After the Galwan Valley conflict, the Indian government banned several Chinese mobile apps. The government had banned 59 Chinese apps including popular apps like TikTok, WeChat and Shareit to protect the privacy of its citizens. The list grew longer as more apps were added over the past few months. But these apps are back in India under new identities, posing a major threat to the security and privacy of Indian users.
Globally, several countries have already banned the use of technology from Chinese firms such as Huawei and Hikvision, fearing Beijing could use them to spy on foreign nationals. However, the Chinese government denied such claims.
Currently, many smartphones have pre-installed apps that cannot be removed, such as Chinese smartphone maker Xiaomi’s app store GetApps, Samsung’s payments app Samsung Pay Mini and iPhone maker Apple’s browser Safari.
Under the new rules, smartphone makers will have to provide an uninstall option and new models will be checked for compliance by a laboratory authorized by the Bureau of Indian Standards agency, two people with knowledge of the plan said. reuters,
The sources further said that the Center is looking at mandating the screening of every major operating system update before making it available to users. “Most of the smartphones used in India have pre-installed apps/bloatware, which create serious privacy/information security issues,” said confidential government records of a February 8 IT ministry meeting. reuters,
An important meeting took place in the presence of representatives of Xiaomi, Samsung, Apple and Vivo. As per the document, once the rules come into force, smartphone makers will be given one year to comply.
Banned Chinese apps returning to India in new forms?
This was reported in February by News18 Some banned Chinese apps have come back to India under new identities, posing a major threat to the security and privacy of Indian users. One such app is Tiki, which is reportedly owned by Singapore-based Bigo, but the company has denied any involvement despite evidence that it is based in Beijing.
“When we checked with tools available online, the IP history of https://tiki.video/ showed us that it has traces in Beijing, and indeed, with BGO technology Pte Ltd. Cyber expert Amit Dubey said, “It uses the same layer that Bigo’s previous app used to have.” In response, Tikki denied any connection with China or any Chinese apps or companies and said that their servers and user data are strictly based in India.
ShareKaro, Helo and Resso are other apps reportedly owned by Chinese firms and operating once again in India, marketed under the false pretext of ‘Make in India’ to attract users. However, Tiki was the only company to respond to the allegations and denied any Chinese links. Meanwhile, ShareKaro uses personal email IDs, which has raised alarm bells for many. Experts agree that personal email ID is not a problem, but people look for credibility and identity when promoting an app to a large audience.
“Apps take many permissions at the time of installation and sometimes these permissions are not required. While the marketplace has its own set of rules regarding permissions, the same is not very well defined in terms of app functioning and user behavior. Apps have their own logic to access their data but how can it be trusted when a server based in China has stored our important data,” explained Dubey.
Apart from impersonating, the banned apps are promoting alternative ways for Indian users to download them. One such way is to download the APK file from Google or use a proxy and download it as a user from another country. However, both methods come with their own risks.
When users install apps from APK files, they are not getting them from an official source, which increases their chances of downloading a modified version containing malware or viruses. Similarly, using a proxy to download an app may compromise a user’s privacy, as the app may collect data on their online activity.
(with inputs from Reuters)
read all Latest Tech News Here