Google to Manually Review Permissions for SMS and Call Applications
Google's latest policy update on the Google Play Store is tightening the screws on apps that request call log and SMS permissions. Starting this week, only apps that are the default for making calls or sending texts will be able to access these permissions.
Announced back in October, this new policy aims to bolster user privacy. With call and SMS permissions granting apps access to contact lists and sensitive information, malicious apps could exploit this to contact premium numbers and charge users unduly.
According to Google's blogpost, the company plans to introduce more limited APIs for uses that don't require such extensive access to user data. Non-compliant apps will be removed from the Play Store.
Permission Declaration and Manual Review
The new policy involves a mix of human reviewers and automation. When developers upload an app, it undergoes automatic checks for permissions requested, including call and SMS permissions. Anything flagged will require a human reviewer to approve or deny the permission usage based on the app's declaration form.
While Google typically relies on automation, the increased sophistication of malicious app developers calls for human intervention. Developers must explain why their app needs SMS or Call Log permissions, and this form will be reviewed by a human.
Acceptable Use Cases
Google allows apps to request SMS permissions for core functionalities such as messaging apps, banking apps, or those requiring SMS verification codes. For call log permissions, the typical approval is for apps with primary functions like call management or voice assistants.
Apps must show a legitimate need for access to call logs and ensure responsible handling of user data. They must also explain clearly why they need these permissions and ensure they are not misused.
Stay Informed
For the latest industry news, stay tuned. Google has provided a support page to cover new rules, exceptions, invalid uses, and alternatives to common uses. Keep your apps compliant and your users' privacy secure.
- In light of Google's updated policy, only apps with primary functions, such as messaging apps, banking apps, call management apps, or voice assistants, will be granted SMS and call log permissions.
- As Google continues to limit access to sensitive user data, app developers must provide a clear and legitimate reason for needing SMS or call log permissions, ensuring responsible handling of this information to avoid any potential misuse.
