Microsoft will be able to throw a "kill switch" to disable or even remove an app from users' Windows 8 devices, the company revealed in documentation released earlier this week for its upcoming Windows Store.
Kill switches -- so called because a simple command can deactivate or delete an app -- are common in mobile app stores. Both Apple and Google can flip such a switch for apps distributed by the iOS App Store and Android Market, respectively.
[ Windows 8 is coming, and InfoWorld can help you get ready with the Windows 8 Deep Dive PDF special report, which explains Microsoft's bold new direction for Windows, the new Metro interface for tablet and desktop apps, the transition from Windows 7, and more. | Stay abreast of key Microsoft technologies in our Technology: Microsoft newsletter. ]
Microsoft may refund the purchase price when it removes an offending app from users' Windows 8-powered hardware, it said.
The company also noted that along with the app, it may also scrub data created by the app from a device. "If the Windows Store, an app, or any content is changed or discontinued, your data could be deleted or you may not be able to retrieve data you have stored," Microsoft said.
Three years ago, Apple's then-CEO Steve Jobs acknowledged the existence of a kill switch in iOS, but the company has yet to use it. Apps that the company approved, but then decided to later pull from the App Store -- the most recent example was a $15 tethering app that sidestepped mobile carrier add-on fees for tethering an iPhone to a laptop to provide the latter with Internet access -- have continued to work and have not been remotely removed from users' phones or tablets.
Google, however, has used a kill switch several times to remotely delete apps from Android smartphones when it has been told those apps contain malicious code or intent. Google first used the switch in June 2010 to scrub a pair of apps added to the Android Market by Jon Oberheide, co-founder and CTO of Duo Security, a developer of two-factor authentication software.
Oberheide planted the apps as part of his research into vulnerabilities that let attackers push malware to Android phones.
In 2011, Google used the same switch to remove scores of malicious apps that had made their way into the non-curated Android Market, and from there onto users' devices.
Microsoft has not made clear whether -- and if so, how -- it will scan or review app submissions for potential malware or malicious intent.
The Windows app certification requirements forbids developers from including, linking to or using the push notification service to "provide an entry point for viruses, malware, or any other malicious software" that access a user's Windows 8 system. But the company has not said how it will police that requirement. Nor did it immediately reply to questions today.