how do you reconcile the gameablity of this? as has been shown in polls before.
from 1014
Emphasis mine
These badges are not just images people can use, they signnify that they have gone through compliance and compaibilty testing. Whilst the MGRC can set what they think the tests should be, the actual work will have to be carried out by professional, accredited auditors. - like NCC.
I think we should have seals like this, however it will take a lot of time and resources to work with companies like NCC to develop these (I developed these for the Microsoft xbox) - The standards should cover everything from UI/UX, change handling and everything in between. Data content protection is a massive one. and on a PC you need to do some kind of sandboxing. anyway my point is: This is something we are going to have to include in the grant allocations, it is not something the MGRC has time to do, the non financial burden should be on the recipients (i am not saying that the MGRC should not fund it, but it should be in the grant.)
(as an example, just the key exchange and key purge of a datacryptor took 2 weeks to test)
Verisign has an interesting story, they created iDefence, so they could get ahead of the game, now owned by Accenture. - why would the MGRC not use these sorts of resources which give actual confidence?
This is a mature industry with a lot of the companies that have the skills to help. I wonder if any of my contacts moved to Accenture. I have said this before, but this sort of thing is standard in fintech software.