Currently, any single app on your smartphone can see every other app that you have installed on your device, thus accessing sensitive information
Are you aware that any single app on your smartphone can see every other app that you have installed on your device, thus accessing sensitive information like dating preferences, banking information, political affiliation and password management etc? Google has announced to change this system on its Play Store from May 5.
In an update, Google has said that app developers will have to provide a solid reason for why the tech giant should let them access other apps on users’ smartphones, reports arstechnica.
Currently, Android 11 apps that request the “Query_All_Packages” permission can see the full list of apps you have stored on your device.
Google has now updated its Developer Programme Policy, restricting which apps are allowed to use the permission.
“Apps that have a core purpose to launch, search, or interoperate with other apps on the device may obtain scope-appropriate visibility to other installed apps on the device,” Google said.
There’s an exception for financial apps like banking apps and P2P wallets, which the page says “may obtain broad visibility into installed apps solely for security-based purposes.”
If your app meets the policy requirements for acceptable use of the “Query_All_Packages” permission, you will be required to declare this and any other high risk permissions using the declaration form in Play Console.
“Apps that fail to meet policy requirements or do not submit a Declaration Form may be removed from Google Play. Important: If you change how your app uses these restricted permissions, you must revise your declaration with updated and accurate information,” Google warned.
“Deceptive and non-declared uses of these permissions may result in a suspension of your app and/or termination of your developer account”.
For apps that have to interact with other apps, Google wants developers to use app-discovery APIs instead of just pulling the entire app list.
The ‘Query_All_Packages’ permission was added in Android 11, so it only applies to apps targeting Android 11’s API level, which is “API Level 30.”
The Play Store’s restrictions also apply to apps targeting API level 30 and up, which means not many apps will be counted to date for such restrictions.