top of page

India Proposes Source Code Access for Smartphone Security

  • Writer: tech360.tv
    tech360.tv
  • 2 minutes ago
  • 3 min read

India is proposing that smartphone manufacturers share source code with the government and implement various software modifications as part of extensive new security measures. This plan has prompted behind-the-scenes opposition from major technology companies, including Apple and Samsung.


People in colorful clothes and phones form a circle, photographing or filming with sky as background. Bright and cheerful mood.

The technology firms contend that the package of 83 security standards, which would also include a requirement to notify the government of significant software updates, lacks global precedent. Companies fear these measures risk revealing proprietary details.


The initiative is part of Prime Minister Narendra Modi's efforts to enhance user data security as online fraud and data breaches increase. India is the world's second-largest smartphone market, with nearly 750 million phones in use.


IT Secretary S. Krishnan stated that "any legitimate concerns of the industry will be addressed with an open mind," adding that it was "premature to read more into it." A ministry spokesperson noted ongoing consultation with tech companies on the proposals.


Among the most sensitive requirements in the new Indian Telecom Security Assurance Requirements is access to source code. This underlying programming instruction set, which makes phones function, would be analysed and potentially tested at designated Indian laboratories.


The proposals also mandate companies make software changes to permit uninstallation of pre-installed applications. Additionally, apps would be blocked from utilising cameras and microphones in the background to "avoid malicious usage."


A December IT ministry document detailing meetings with Apple, Samsung, Google, and Xiaomi highlighted that "Industry raised concerns that globally security requirement have not been mandated by any country."


The security standards, drafted in 2023, are under consideration for legal enforcement. Officials from the IT ministry and tech executives are due to meet on Tuesday for more discussions, sources said.


Smartphone makers closely guard their source code. Apple previously declined China's request for source code between 2014 and 2016, and U.S. law enforcement has similarly attempted and failed to acquire it.


India's proposals for "vulnerability analysis" and "source code review" would require smartphone makers to perform a "complete security assessment." After this, test laboratories in India could verify their claims through source code review and analysis.


MAIT, the Indian industry group representing the firms, stated in a confidential document responding to the government proposal that "This is not possible... due to secrecy and privacy." The group added that "Major countries in the EU, North America, Australia and Africa do not mandate these requirements."


MAIT asked the ministry last week to drop the proposal, a source with direct knowledge said. The Indian proposals would also mandate automatic and periodic malware scanning on phones.


Device manufacturers would also be required to inform the National Centre for Communication Security about major software updates and security patches before user release. The centre would possess the right to test these updates.


MAIT's document suggests that regular malware scanning significantly depletes a phone's battery. It also describes seeking government approval for software updates as "impractical" due to the necessity of prompt issuance.


India also seeks to have phone logs, digital records of system activity, stored on the device for at least 12 months. MAIT argued in its document that "There is not enough room on device to store 1-year log events."

  • India proposes new security standards requiring smartphone makers to share source code and implement software changes.

  • Technology companies, including Apple and Samsung, oppose the plan due to proprietary concerns and lack of global precedent.

  • The government aims to enhance user data security amid rising online fraud in India, a major smartphone market.


Source: REUTERS

As technology advances and has a greater impact on our lives than ever before, being informed is the only way to keep up.  Through our product reviews and news articles, we want to be able to aid our readers in doing so. All of our reviews are carefully written, offer unique insights and critiques, and provide trustworthy recommendations. Our news stories are sourced from trustworthy sources, fact-checked by our team, and presented with the help of AI to make them easier to comprehend for our readers. If you notice any errors in our product reviews or news stories, please email us at editorial@tech360.tv.  Your input will be important in ensuring that our articles are accurate for all of our readers.

Tech360tv is Singapore's Tech News and Gadget Reviews platform. Join us for our in depth PC reviews, Smartphone reviews, Audio reviews, Camera reviews and other gadget reviews.

  • YouTube
  • Facebook
  • TikTok
  • Instagram
  • Twitter
  • LinkedIn

About Us

Privacy

Disclaimer

info@tech360.tv

© 2021 tech360.tv. All rights reserved.

bottom of page