It was recently reported that within the next couple months the meteoric rise of Android Market is all but certain to overtake the iPhone App Store in terms of the number of applications offered. Taken on face value, this should come as little surprise to anyone.
With the wide slate of devices on which Android can operate, its app store should have a much wider customer base than does iPhone, whose apps can run on only one type of device – the iPhone. Add to that the slowing of App Store downloads experienced by iPhone over the last few months – perhaps due to Android infiltration in the “touch phone” market or perhaps due to iPhone being out there awhile so people have what they want – and the fact that Android’s app store is about to overtake iPhone’s makes sense.
What doesn’t make sense is that all this continues to happen under the shadow of Google’s extremely lax criteria regarding the quality of applications being made available in its Android Market.
Standards ... Wherefore Art Thou?
Wait a second…did I just call Google’s criteria for Android Market lax? That might be giving it too much credit!
There are those who openly question if Google has any application software quality standards that need to be met before being offered in Android Market. Google would cite this laissez faire attitude as being part of its open source nature, but the old adage of programming – “Garbage in, garbage out” – should somehow apply to offering mobile apps in Android Market.
By contrast, Apple has a well-known process for posting applications to the iPhone App Store. It even posts a list of application standards for developers to use if they want to post an application to the App Store. (NOTE: This author is not promoting iPhone over Android. In fact, this author is still a BlackBerry owner.)
Granted, Android’s popularity is the number one reason malware maniacs have made it a prime target, but the near complete lack of review of applications posted to Android Market is also a major contributing factor.
A set of standards -- and perhaps even a certification process -- must be put in place to curb the availability of malware in app stores.
Structurally Sound, Malware Free
Because so much of business today is conducted on mobile devices that access enterprise networks, an independent third-party assessment program is needed to ensure that applications being accessed via mobile are safe, structurally sound and efficient. The same holds true for consumer apps, such as games and ads.
When it comes to application software quality, there is plenty of responsibility to be shared at each of level of mobile application distribution. The platform owner, Google; the app store, Android Market; and the mobile developers themselves all need to do their parts to ensure quality.
Responsibility rightly should begin at the top. Google needs to take steps to ensure that the software that goes into the devices – for operational purposes or as pre-loaded applications – is of optimal structural quality. It needs to apply some measure of automated analysis and measurement to its own OS to prevent issues and vulnerabilities from older versions creeping into the new versions built on top of them.
The current problem is that Google doesn’t ask much (read that as “anything”) of their developers when it comes to ensuring software security and quality. Were they to demand higher quality, Android Market would need to scrutinize applications more closely – or in Android’s case, at all – before making an application available.
As for the developers themselves –the legitimate ones at least – would likely welcome such scrutiny. They should embrace such a vetting process as a sort of third-party corroboration of their application’s security and quality, which could be a competitive differentiator.
Unfortunately, until Google, Android Market and Android application developers do something to adopt minimum software quality standards, those “going gaga over Google” will continue to find themselves driven gaga trying to fend off malware.
Erik Oltmans, an Associate Partner from EY, Netherlands, spoke at the Software Intelligence Forum on how the consulting behemoth uses Software Intelligence in its Transaction Advisory services.
Erik describes the changing landscape of M & A. Besides the financial and commercial aspects, PE firms now equally value technical assessments, especially for targets with significant software assets. He goes on to detail how CAST Highlight makes these assessments possible with limited access to the targetâ€™s systems, customized quality metrics, and liability implications of open source components - all three that are critical for an M&A due diligence.