Listen

Description

Why the Open App Markets Act Matters

Episode Notes:Join us on "Upwardly Mobile" as we delve into the critical issue of how Apple and Google's dominant control over the mobile app ecosystem is stifling innovation in mobile app security and potentially increasing long-term consumer cyber risk. While both companies, especially Apple, are currently seen as doing a "reasonable job" with cybersecurity within their closed environments, experts warn that this "monoculture protection" is not sustainable against evolving threats from nation-states, criminal groups, and AI.The Problem with App Store Monopolies: The core argument is that monopolistic behavior naturally suppresses innovation because there's little fear of competition. This has led to a situation where innovative mobile app security startups are struggling to achieve the growth and valuations seen in other cybersecurity sectors like cloud and API security, despite the central role mobile apps play in our daily lives. This concentration of security responsibility with just two companies puts all our "defensive eggs into one basket".A prime example is Google Mobile Services (GMS), which maintains a strong hold on Android mobile apps, making it difficult for external security vendors to compete effectively. The sources highlight that Apple and Google's solutions are specific to their closed ecosystems, lacking incentive for crucial cross-platform security initiatives.The Solution: The Open App Markets Act (OAMA) The bipartisan Open App Markets Act was introduced by U.S. Senators Marsha Blackburn, Richard Blumenthal, Mike Lee, Amy Klobuchar, and Dick Durbin to address these concerns. This landmark legislation aims to set fair, clear, and enforceable rules to promote competition and strengthen consumer protections within the app market by curtailing Apple and Google's "gatekeeper control".

Key Provisions of OAMA:

Support & Criticisms:

The Open App Markets Act has garnered strong support from numerous technology and consumer groups, including Spotify, Epic Games, the American Economic Liberties Project, and the Coalition for App Fairness, all advocating for a fairer, more competitive marketplace. They argue it will lead to lower prices, more innovation, and increased consumer choice.However, Apple and Google are predictably opposed, raising concerns about potential security risks associated with opening up their platforms to sideloading and alternative app stores. There are also ongoing debates about whether the bill could inadvertently affect content moderation by potentially penalizing companies for exercising editorial judgment.Recommendations for Moving Forward: Beyond legislation, the authors of "Apple and Google are Suppressing Innovation in Mobile App Security" offer concrete recommendations for Apple and Google to foster a healthier mobile app security ecosystem:
  1. Facilitate Third-Party Security Vendors: Open their ecosystems to third-party mobile app security solutions through certification and partnership models.
  2. Incentivize Developers: Financially reward developers who invest in robust security measures, potentially through reduced commission rates.
  3. Adopt Open Standards: Transition to widely recognized open standards for mobile app security evaluation, such as those developed by OWASP, and extend this to mobile payment systems.
These steps are crucial to ensure that the rapid evolution of cyber threats is met with equally rapid and diverse innovation, protecting consumers and society at large from future mobile app breaches.Sponsor: This episode is brought to you by Approov. Learn more about their cutting-edge mobile app and API shielding security solutions at www.approov.io.


Keywords: Mobile app security, Apple App Store, Google Play Store, monopoly, innovation, competition, Open App Markets Act, OAMA, sideloading, third-party app stores, alternative payment systems, cybersecurity threats, consumer protection, developer rights, digital economy, antitrust, tech regulation, privacy, OWASP, GMS.