People nowadays use their Android or iOS device for all kinds of stuff, be it banking or filing their taxes or ordering groceries. When you are doing all your daily chores using your phone, it can be undoubtedly said that your device contains your personal as well as banking details.
Security and privacy is the primary concern of an Android user. And with so many malicious apps lurking around these days, it is important for a company like Google to care for the privacy of its users. Fortunately, Google is leaving no stones unturned to scan and eliminate suspicious apps from play store.
What Did Google Announce?
After kicking out the apps involved in malware seeding and ad-fraud, Google is currently on the quest of cracking down applications which require permission to access SMS and user’s call log. Developers are already notified that over the next few weeks, applications whose core functionality do not require them to access call logs and SMS will be permanently deleted from the app store repository of Android. Apps will be under the scanner until they are reviewed and certified that they require the permission to access call logs and SMS as their primary functions.
On October 2018, developers were informed to update the API of their applications at level 26. They were also needed to tweak the permissions following the latest guidelines meant for protecting the users. A timeline of 90 days was given to the developers, within which they should either tweak the code or justify the requirement for accessing SMS and call logs. After 90 days, Google’s team will start reviewing the apps.
What is the Current State?
The 90 days timeline being expired, Google announced that app reviewing will soon commence. The apps for which developers have not yet submitted the declaration form stating the reason for which they require the aforesaid permission will be booted off. Google has precisely said that the apps are removed based on factors like
- How the user is benefited with the permission
- Is any other alternative available
- Does the app pose any risk or does its core functionality requires accessing the call logs and SMS record?
- Did the developers explain why their apps need those functionalities?
Till now, Google has not stated any specific date for commencing the app eviction. The apps which are removed from Play Store can still be downloaded from third party APK stores such as APKPure, APKMirror, AndroidCrew,Aptoide etc. Also, the app developers will get another chance to submit an updated version of the app that does not have the permission. They can also submit a permission declaration form, after which their apps will be allowed to remain in Play store till March. After March, another review session will commence after which the apps will be allowed to remain if the declaration is found reasonable.
Google has recommended that instead of using permissions, developers can opt for a narrower API that does the same job without depending on permission to access SMS and call log. For example, for account verification, SMS retriever API can be used to verify the users account via SMS instead of accessing the SMS record.
Image Credits: Play Store from Dulin/Shutterstock