Data security is a rising concern in this age of digital hacking. Smartphones are one of the primary targets as they're connected to the internet almost all the time and the security is penetrable, take CopyCat, Judy and Xavier malware for instance. But there are more ways to access users' data than a conventional cyber attack, and the ministry of electronics and IT is trying to fill the loopholes.
The Indian government has asked major smartphone companies in India to share their security procedures and processes to ensure security of mobile phones. According to a PTI report, 21 smartphone brands, most of them Chinese, have been asked to revert with the details entailing the processes they follow to ensure security of the devices.
"There's a need to ensure safety and security of mobile phones or smartphone... that hold valuable information of users as they use the phone to make digital payments and have personal data. Action will be taken against the devices that fail the verification, and audit if needed. We cannot ignore that data is being leaked to a third country... Data is a big resource now and it's important to us to ensure it's safe," a senior official in the ministry told the Economic Times.
The decision followed IT Minister Ravi Shankar Prasad's recent meeting with senior officials in the department, and representatives of Cert-In on August 14. Smartphone companies in India have a deadline until August 28 to fulfil the government's requests.
Chinese brands such as Xiaomi, Vivo, OPPO and Gionee have received the notices by the government over fears of a cyber attack. The growth of Chinese smartphone brands in India is phenomenal, as they even outgrow the local brands like Micromax and Lava. Xiaomi, Vivo, OPPO and Gionee were the fastest growing smartphone brands with strong offline push during the second quarter of 2017.
Most of these Chinese brands have their data centers stored outside India, making it a concerning factor. The government believes personal information of users such as their contact lists and messages are being stolen from remote servers, the report added. In the latest verification process, the testing of devices will be done in India and the government was upgrading testing facility in its existing labs.
The government also started review of imports of electronics and IT products from China due to the rising concerns over security and data leakages. The tensions between India and China are growing. The government's scrutiny over Chinese companies' practices in India comes at a time when there are rising tensions between India and China over Doklam issue.
But the government's request for a transparent process of security and privacy of user data doesn't solely affect the Chinese brands. Majority of the 21 smartphone brands that received the notice are Chinese, but non-Chinese brands like Apple, Samsung and India-based Micromax are also a part of the scrutiny.
These brands have been warned of penalties under IT Act 43 (A), which can attract unlimited compensation and penalties of Rs. 5 crore through state level arbitrators.