Minimum App Criteria:
- General: App submission should include detailed instructions on how to install and operate the App, and system requirements to run the App.
- NIST Acknowledgment: The following notice should be displayed prominently within the application: “This product uses data provided by the National Institute of Standards and Technology (NIST) but is not endorsed or certified by NIST.” The NIST SRD number must also be displayed prominently in the application. Use of the NIST or Department of Commerce logos is prohibited.
- Functionality/Accuracy: A Submission may be disqualified if the software application fails to function as expressed in the description submitted by the Participant.
- Privacy: Participants should keep in mind that NIST considers protection of personal information an essential element of App security. Apps must seek user permission to access and use personal information.
- Security Vulnerabilities: Participants must agree that NIST may conduct testing on the App to determine whether malware or other security threats may be present. NIST may disqualify the App if, in NIST’s sole judgment, the App may damage government or others’ equipment or operating environment. For guidance about minimizing security vulnerabilities in mobile applications, Participants can consult NIST Special Publication 800-163, “Vetting the Security of Mobile Applications” (http://dx.doi.org/10.6028/NIST.SP.800-163).
- Data: App must use at least one of the Eligible NIST Datasets.