Google has removed a series of suspicious mobile applications from the Android Market. Google says the applications were taken down for violating the site's use policy by using the names of banks without their permission.
Google has removed several banking applications from its
The presence of the applications in question, which
according to those with direct knowledge of the situation did not misuse or
steal user information, has nonetheless triggered
concern among users.
The applications were created by a developer known as
09Droid and used the names of various banks, including Chase, Sun Trust
and Bank of America.
Market Content Policy
clearly states that we don't allow applications on
Android Market to identify themselves with third-party marks without
permission," a Google spokesperson told eWEEK. "If an application
violates the content policy, we will remove it from Android Market, and
developer accounts will be terminated for repeated violations."
Tech Credit Union warned customers
Dec. 22 that a "fraudster developed
a rogue Android Smartphone app" that created a shell of mobile banking
applications and tried to gain access to consumer information. A similar
warning from BayPort Credit Union
came the same day; BayPort Credit Union's
mobile bank provider, MShift, notified Google of their concerns Dec. 15.
Google said its use policies have provisions designed to
strike a balance between providing security and lowering barriers to developers
making applications available
to users. While applications are not reviewed
before appearing on the Android Market, they are taken down if they violate the
"For example, we have a policy against inappropriate
content, which includes malware," the Google spokesperson said. "A
developer must also abide by our Developer Distribution Agreement in order to upload
an application to Android Market. We also may check applications for compliance
with the Market Content Policies (in order to remove malware, porn, spam, or
Mikko Hypp??Ã©nen, chief research officer at F-Secure,
predicted that there will likely be more rogue applications
on mobile devices.
"Some of them will try to target online banking, others
will try to call premium-rate numbers or send text message spam and so [on],"
he said in an e-mail to eWEEK. "Signing and certifying programs are in a
key position on smartphone systems to prevent problems like this ... [although]
we have seen the 'Signed by Symbian' certification
a couple of times."