The Centre is considering mandating new security measures for smartphone makers in India, including access to source code.
The proposed Indian Telecom Security Assurance Requirements include vulnerability analysis and malware scanning.
Tech giants like Apple and Samsung are opposing the requirements, citing risks to proprietary details.
The proposal requires storing phone activity records for a year and allowing users to uninstall pre-installed apps.
The government aims to enhance user data security amid rising online fraud in the world's second-largest smartphone market with nearly 750 million phones.
Detailed Insights:
The government's proposal includes 83 security standards, requiring alerts for major software updates, which tech companies argue lacks global precedent.
The source code access is intended for vulnerability analysis and testing in designated Indian labs, raising concerns about revealing proprietary information.
The National Centre for Communication Security will have the right to test major software updates and security patches before release.
The Manufacturers’ Association for Information Technology (MAIT) has requested the Ministry to drop the proposal, citing issues with secrecy, privacy, and practicality.
The government previously revoked an order mandating the Sanchar Saathi cyber safety app due to surveillance concerns.
Key Concepts Involved:
Source Code: The underlying programming instructions that make software and devices function.
Vulnerability Analysis: The process of identifying and assessing weaknesses in a system or software.
Malware Scanning: The process of detecting and removing malicious software from a device or system.