PIA’s Android App Assessed in Google Security Audit

Posted on Nov 21, 2023 by Adina Matei

Here at Private Internet Access (PIA), we’re committed to trust. That’s why our apps are open-source and why we continue to add to our different transparency initiatives. We firmly believe everyone should have the assurance their private information is safely hidden from snoopers.

We recognize that not everyone has the patience or expertise to go through lines of code. Therefore we submit to regular audits, allowing security experts to put our service to the test and attest that our data protection measures are up to standards.

Recently, our Android app underwent Google’s Mobile App Security Assessment (MASA). This is a security audit where experts validate that our app is safe and adheres to good security standards. 

And now, we’re eager to share the news with you.

PIA Passed Google’s Mobile App Security Assessment 

You will now see the PIA Android app in the Google Play Store has a badge showcasing it was verified and passed Google’s MASA security audit.

This security assessment is fairly new for Google. Announced in October 2023 Google introduced real-time app scanning to verify Play Store apps are safe to use. It went one step further and added banners to mark apps that received the independent security assessment. 

Developed in 2022 by the Application Security Alliance (ADA) initiative, the MASA standard proposes a set of strict security requirements for mobile app security. These pertain to:

  • Cryptographic methods
  • Confidentiality standards
  • Authentication management
  • Network security 
  • Quality of the source code
  • Data protection measures

Because the Play Store is riddled with shady VPN apps that don’t deliver on their privacy promises, Google prioritized VPN apps for the audit. This further ensures digital security for all users. 

From VPN apps spying on user traffic to ones that are nothing more than crypto-jacking schemes, it’s clear malicious actors are profiting off people looking to bump their security. Google’s security review aims to change that.

By working with an approved cybersecurity partner, Google performs an audit that examines the source code and the server configurations and pokes for potential vulnerabilities which could leak user data

What This Means for PIA 

We applaud Google’s initiative to help Android users who want to make better, more privacy-conscious choices with the apps they download. These app badges are a great starting point for those who want to secure their online data and enhance their anonymity. 

We’re happy to have our app scrutinized by Google’s trusted cybersecurity partner. Similar to our Bug Bounty Program, we want experts to weigh in on our apps and our service. It’s one way we ensure we stay vigilant and on top of emerging cyber threats.

We will submit our Android app next year for another MASA review. Regular audits like Google’s MASA audit greatly aid us in our mission to be as transparent as possible. Google’s transparent security labeling is a great step towards building trust which lets consumers make informed decisions over the services they use. We hope other platforms will follow suit and prioritize digital security.

VPN Service