Protecting against unauthorized access
This category is about the system protecting against unauthorized access (e.g., by persons other than the consumer).
The functionality of an app, its sponsorship, and linkages to external data sources all affect the security, privacy and data controls which are established to ensure safe and effective use. In this section, conformance criteria point to issues which can be addressed through a range of options, and as such implementers should consider not only the conformance criteria but the discussion regarding applicability to the exemplary use cases.
 “System” includes the app itself (on the device) as well as its supporting infrastructure (e.g., cloud-based or other services provided outside the device)