Google is executing new Play Store policies monitoring and regulating the usage of SMS and Call Log. New Play Store rules will only allow certain types of apps to request/access phone call logs and SMS permissions, and any apps that don’t fit into Google’s deliberate use cases will be blocked from the Play Store. The policy was first announced in October, and the policy kicks in and the ban hammer starts falling on non-compliant apps from January onwards and concession would be given to some to mobile applications till the first week of March, 19 after accepting the policy.
In the October, Google came out with its vision for SMS and phone permissions for Google Play apps, mentioning, “Only an app that has been selected as a user’s default app for making calls or text messages will be able to access call logs and SMS, respectively.” That statement also comes with a host of exceptions, some of which were added after communicating with members of the developer community, but the end result is still that SMS and phone permissions will be heavily policed on the Play Store.
Google says – the decision to define new developer policies and guard the permissions was made to protect user privacy. SMS and phone permissions can give an app access to a user’s contacts and everyone they’ve ever called, in addition to allowing the app to contact premium phone numbers that can charge money directly to the user’s cellular bill. Despite the power of these permissions, a surprising number of apps ask for SMS or phone access because they have other, more favourable use cases. So to clean up the Play Store, Google’s current plan seems to be to (1) build more limited, replacement API’s for these benign use cases that don’t offer access to so much user data and (2) kick everyone off the Play Store who is still using the wide-ranging SMS and phone permissions for these more limited use cases.
Google set up a help page that covers the new rules and offers workarounds for some use cases. A recent addition to Android is a scoped API for SMS-based user verification, which will allow an app to ping a phone with an SMS and automatically fill in the code, all without using the powerful SMS permission. Google’s help page also lays out use cases that have been granted a “temporary exception” to use the SMS and phone permissions. Besides actual phone and SMS apps, Google allows backup and restore apps, enterprise and device management apps, caller ID and spam blocking apps, “companion” hardware apps (for instance, smartwatch or fitness tracker apps), cross-device synchronization apps, SMS-based financial transaction apps, budget apps (for tracking SMS spending), task automation apps, and proxy call apps. It has also been reported in some games that they have been blocked under the Gambling policies described in the same policy para.
What’s new in Mobile App Approvals!
Google’s enforcement of these new policies is a mix of automated and human review. When developers upload an app to Google Play, they do so through the Google Play Developer console, which can automatically tell a lot about the makeup of the app. Part of this is comprehending what permissions each app requests, and anything that asks for SMS or Call Log permissions is flagged for human approval. Developers then need to fill out a “Google Play Permissions Declaration Form” and explain exactly why they need the SMS or Call Log permission, at which point a real human will review the form and approve or deny the permission usage. Basically, SMS and phone apps will all need to be manually whitelisted from now on. This kind of enforcement is definitely a new front in Google’s App Store to guard the Android ecosystem.
Doing an actual human review on the Play Store seems very new and guess this system won’t last forever. Google explicitly calls the permission exceptions “temporary,” which suggests the company is working on more scoped API’s that cover more of the SMS and phone permission use cases that it currently has granted exceptions for.
What to do next? Contact us
– If you really required to access the “SMS” – Read, Receive, & Send, and “Call Log” – Read, Receive, & Call, define it in Manifest file and submit the new signed APK. Before submitting, you have to fill up the detailed form in Playstore describing the requirements, importance, and how auditor could access the app.
– If it is urgent, you can submit the new build without any changes to the console along with the undertaking letter. This will give your app concession till the first week of March. But I hardly have seen such app acceptance.
– If you think that your App can be run without SMS or Call Log. Remove all the controllers and related files from the build and submit along with the policy acceptance.
– Still, if you have no idea or finding difficulty and have to launch it on priority then contact us, StudioKrew has set up the dedicated crash management team to resolve such issues for all segments including game development and enterprise applications.
– If the publisher name is different then the brand displayed in the App or you publishing the app under the license of some another brand then you may require the permission agreement letter signed in the brand letterhead mentioning the bundle name and app name specifically.
– If the Game App has some virtual coins or rewards which are not related or deal with real money then specifically mentioned under your policies about the non-Gambling activity and restrictions guidelines. Also, try to add some policy acceptance at the time of user signup. As it has been reported that few games have been blocked under the Gambling Policy.
– Play store may come with the new guidelines for the Enterprise Android Application. If your app is not opened to all users and has limited/restricted closed group of audience, you should start working on the new work through. For more details check the link for Enterprise Android Mobile App Development.
If you have any question in your mind or need to assign the task to handle same on retainer basis then you can contact our Sales team, click here.