So, speaking of security at Google, Google Play has introduced security audit badges for Android VPN apps. The badges indicate that the apps have undergone an independent security audit based on the MASA (Mobile App Security Assessment) standard. This initiative aims to enhance transparency and user trust by verifying compliance with specific requirements related to data storage, privacy practices, cryptography, authentication, network communication, platform interaction, and code quality. Currently, NordVPN, Google One, and ExpressVPN are among the VPN vendors displaying the new Google Play badge, while other VPN apps with valid MASA certificates are expected to join soon.
Bitwarden has added support for passkeys in its browser extensions, allowing users to use their device’s pin, face, or fingerprint for authentication. Passkey support follows the lead of Apple and Google’s built-in password managers and other third-party password managers like 1Password. Bitwarden’s latest release allows users to store and log in with passkeys using its browser extensions, and the process is demonstrated in instructional videos provided by Bitwarden.
Why do we care?
I will keep pushing passkeys here – and I believe providers should, too. Not just to customers but to your vendors, too. The shift towards passkeys is part of a broader industry move towards passwordless authentication, which offers enhanced security by minimizing the risks associated with traditional password-based systems.
