FTC Invites Further Public Comment on Mobile Security #00002

Submission Number:
00002
Commenter:
L. Pesterfield
State:
South Carolina
Initiative Name:
FTC Invites Further Public Comment on Mobile Security
Matter Number:

P145408

Mobile Security Project, Project No. P145408 Responding to this particular question: Do consumers have the information they need to evaluate the security of an application? Are they aware of potential security risks (e.g., the insecure transmission of data)? Are there ways to make the security of applications more transparent to the end-user? 1) Am not a developer, just a smart phone user. I don't have ANY info to evaluate the security of an application, other than that brand's reputation or lack thereof. You only get the bare minimum when you buy/download an app - i.e. file size and what it will access on your device, and user ratings. I expect ALL apps to be secure if they are sold through Google Play or the iTunes store, or another reputable seller, but I have no idea what they test, other than functionality, before they offer them. 2) There is no good reason for most apps to have access to my contact list, or to be able to place calls, or to determine my GPS location. I think developers ought to stop grabbing access to all info on a mobile device unless they can prove to the stores offering/selling them that this info is essential to the function of the app. I think consumers ought to be able to OPT OUT of giving an app access to their info on an item by item basis, before or during the download process. They ought to be able to go back and delete access after it's downloaded as well. 3) On my Android phone, I have no way to view any info about an app other than file size and cache size and what it accesses on my device. Should at least show the author and certificate like desktop software has to provide. Thanks for asking for input!