Woo-hoo! We're awfully proud to announce that today we've published our Application Certification Requirements.
The requirements revolve around three key principles:
- Consumers must consent to what happens on their computers
- Consumers must never feel tricked or unpleasantly surprised when they install an app
- Consumers must never feel cheated when they pay for an app
If you build apps, you can use these requirements to ensure you meet these principles. And please consider getting your app certified and sealed by us, so our security partners will automatically know your app is clean.
If you keep consumers safe from bad apps, you can use these requirements to help you determine if an app should be allowed to be advertised, offered, installed, or run. Better yet, sign up with us, and you'll be able to trust our seals and save yourself a lot of time and effort.
Our requirements are intended to be comprehensive and serve as a single source of what apps need to do to be considered clean. But although we believe these are the most comprehensive requirements available, we also recognize they will change as we and our partners and customers fight against unwanted and fraudulent behavior. We’ll work with the industry to keep these requirements up to date and relevant.
We have put six months of effort into these requirements. Here's what we went through:
- We identified the various components of an app that we believed needed certifying: traffic to the app, offers about the app, ads in and injected by the app, the installation process, how the app runs, and the uninstallation process.
- We identified the “intent” we were trying to achieve for each component.
- We came up with a naming scheme to track the “scope” of each requirement and a syntax of how we wanted the requirements to read
- We used our knowledge from the industry to capture a first draft of the requirements.
- We researched and cross-validated many related guidelines and detection criteria from across the industry to be sure we captured the needs of as many security and platform partners as possible and that these requirements were comprehensive. Some of the sources included the CSA guidelines; Microsoft’s MMPC Objective Criteria and Bing advertising policies; Google’s Unwanted Software, Adsense, Adwords, Chrome Extensions, and Specific Policies; and the FTC’s dot com guidance.
- We reviewed our proposed requirements with security and platform partners, software vendors, and industry experts.
- We "tested" the requirements on our pilot customers.
- We added a detailed explanation to each requirement to better explain our intent.
- We experimented with the best way to share these requirements. This wasn't easy: we tried documents and spreadsheets, and in the end decided that the best way would be an online form.
We used a Creative Commons license to make it easy for you to use them. We'd love to see these requirements become the standard that the world uses to tell whether an app is clean.