Image source: Variety

Google is taking steps toward significant new Play Store policy and rules for how Android’s SMS and Call Log permissions are used. New Play Store policy and rules only permit a particular app to run or ask for SMS and phone call logs request. And if any of the apps which do not follow rules and policy of Google will be permanently removed from Google Play Store. This new rules and policy were first announced in October, and the policy starts hammering more restrictions on non-compliant apps this week.

In the prior blog post in October, Google put his vision out for SMS and phone call logs permission for Google Play Store apps, and by saying that only apps which are selected as a default app by the user are only able to ask or request for making text message and phone call logs and only they will be able to get access to phone call logs and SMS, individually.

Image source: Variety

This statement also comes with a host of rejections, some of which were added after communicating with the developer community members, but the final result is still that phone call logs and SMS will be allowed or you can say get permission to play on the Play Store.

Google makes these new rules and permission to make the user more secure and protect its privacy. Because giving access to SMS and phone call logs to an app can give access to a user’s contacts and anyone they have ever called, plus to allow the apps to contact premium phone numbers that can be charged directly from the user’s cellular bill. However, the access to this permission, an amazing number of apps request for phone call logs and SMS as they have other, more begin use cases. So to get Google Play Store free from these apps, Google’s latest plan looks to build more limited, replacement APIs for these benign use cases that do not give access to so much user data and kick everyone out from the Google Play Store who is still using the wide-ranging SMS and phone permissions for these more limited use cases.

For this Google also made help page with shows the new policy, rules and offers workarounds for some use cases. A current addition to Android is a scoped API for SMS-based user verification, which will allow the app to ping a phone with an SMS and automatically fill it in the code bar, without the permission of all-powerful SMS. There are also objectives for starting SMS messages, sharing content in SMS and starting a phone call, which assigns all work to a dedicated SMS app.

Help page by Google also plans out use cases that have been allowed a “temporary exception” to use the phone call logs and SMS permissions. Other than that SMS and phone call logs apps, Google allows backup and restore apps, enterprise and device management apps, caller ID and spam blocking apps, “companion” hardware apps (f, Fitness smartwatch or Health tracker apps), cross-device synchronization apps, SMS-based monetary transaction apps, budget apps (for tracking SMS spending), task automation apps, and proxy call apps.

Whitelisting An App By A Human Manually

The introduction of Google’s new policy is a mix of automation and, unexpectedly, human review. When developers upload an app on Google Play Store, they do this through the Google Play Developer Console, which can automatically tell a lot about the app’s make-up. One part of it is known as what every app requests, and anything that asks for permission of SMS or phone calls log, is marked for human approval. Developers then need to fill out the “Google Play Permission Announcement Form” and have to explain why they need an SMS or phone call log permission, at which point a real human will review the form allegedly and the use of permission will reject or decline. Basically, phone and SMS apps will need to manually whitelist from now wards.

The introduction of Google’s new policy and rules is definitely a new front in Google’s attempts to secure the Android environment. Earlier, we all have expected a change to the way Android permission work at the OS level, but instead of perhaps thanks to Google’s quest – this step is being done entirely through Play Store policies. Of course, this means that the rules apply only to apps in the Play Store and not already installed app or app downloaded outside of the Play Store. According to our count, this is the second time Google has used Play Store rules to implement a major change in Android. At the end of last year with the launch of Android 9 pie, the Play Store implemented the minimum OS version requirements on app developers, forcing them to readjust to the new Android API with greater privacy and security limitations.

Making a real human review on the play store looks so “un-Google,” and I would imagine that this system won’t be last long. Google clearly calls the permission exceptions “temporary” which indicates that company is operating or you can say working on advance APIs that include more of the phone call logs and SMS permission use cases that it frequently has granted exceptions to.

LEAVE A REPLY

Please enter your comment!
Please enter your name here