Sunday, 17 November 2013

App Certification (and Failure) is a Very Good Thing!

Windows Phone App - Fails Certification

One of the really good things for Windows Phone Users is that Apps fail certification for the Windows Phone Store.  It's actually a good thing for developers too but it's a bit hard to swallow at the time it happens to you.  It happened to me. :-(

Good for the Windows Phone Owner

Why is it good for the phone owner?  Well, as a Windows Phone user, I can safely have a certain amount of trust in apps I put on my phone.  I know that most apps I install are not going to harm me.  I know they are not likely going to do something other than what they say they are going to do.  I know that somebody other than the developer has checked the app for honesty and a certain amount of stability.  There is no guarantee and the certification does not protect users from their own folly (although I suspect they try), but it certainly is considerably more than nothing.  I also know that an app I download is not going to hurt my phone.  I know that it's not going to act as some sort of virus.  I know it's not going to be used to attack other computers.  When I, a developer, submit an app to the Windows Phone Store, it generally takes about 5-7 days to certify or fail because it takes time to check all this stuff.   If a developer submits his app to a store and that store certifies the app in less than one minute, I can't imagine that the app has been vetted in any way as "safe".  I prefer my apps to be checked and failed if they are not good enough so that I better preserve the goodwill of my customers.

Good for the Windows Phone App Developer

It takes time to test and certify an app for the store.  Knowing that a thorough check is going to be done on the app provides strong motivation to "get it right" and build a great app.  The certification process gives lots of guidelines to make a safe app.  A good app means more downloads.  Lots of downloads means more opportunity for monetization.  A good app means that people who download it are likely going to download other apps I have done.  Yeah!

Guidelines for the Windows Phone Store can be found at MSDN

Why it Helped Me

Apps submitted to the windows store have to contain certain things.  In my case, I used the location services.  It did not have a clear privacy policy.  I failed certification.  But if it had passed it would have implied that I could do anything I wanted with your phone.  Who would care?  You should!  There would be nobody to check to make sure I was doing what I said I would.  My app now clearly states that the app will NOT transmit any of your location data to me.  I will not share it at all without their permission and will only store data on their phone or their SkyDrive (if they provide permission).  So once stated, Microsoft will check during the certification process that I am doing just that in the app.

Where it Might not Catch a Bad App

In Canada there are a number of major banks.  Once such bank refuses (so far) to create a Windows Phone version of their banking software.  However they do have a web page where you can do banking.  An enterprising developer saw an opportunity for app that he no doubt thought was a great idea.  They created an app that basically wrapped the banks web site.  Gave a nice little logon screen to make it easy.  I saw the app and initially thought it was from the bank.  It wasn't.  There were actually quite a few glowing reviews of the app.  Now take a moment to think about this.  A developer that you do not know, allows you to enter your BANK PASSWORD into his app so you can have a nice interface to your bank web page?  I couldn't believe it.  This app had the potential to be extremely nasty to those that freely gave up their banking information.  This is one of those apps that MIGHT have been malicious (probably wasn't) and it made it through certification.  But somebody at Microsoft was on the ball.  The app disappeared from the store shortly after publishing perhaps because of a customer complaint or somebody just had an "ah ha" moment. 

Knowing What I Know Now

I would never allow my kids to have a phone that does not have a proper App Certification process, too scary.  I honestly prefer Windows Phone as more suited to the way I work and it has the pre-requisite app certification process and I will continue to mutter politically incorrect words each time an App submission fails certification but mutter words of thanks each time I install an app on my phone.

Mark Schramm
@markbschramm