My app is written on android native code and I got this warning on the play store console
Your app "appName" version code "xxxx" includes SDK com.segment.analytics.android:analytics or an SDK that one of your libraries depends on, which collects personal or sensitive data that includes but may not be limited to Advertising ID, Android ID identifiers. Persistent device identifiers may not be linked to other personal and sensitive user data or resettable device identifiers as described in the User Data policy.
ACTION REQUIRED: Upload a new compliant version AND deactivate the noncompliant version.
But I don't have that library on my project, the only libraries related to firebase that I have are these:
"com.google.firebase:firebase-crashlytics:17.4.0",
"com.google.firebase:firebase-analytics:18.0.2",
"com.google.firebase:firebase-perf:20.0.2",
"com.google.firebase:firebase-core:18.0.0",
"com.google.firebase:firebase-auth:20.0.1",
"com.google.firebase:firebase-messaging:21.0.1",
But I don't know how to solve this, should I update all of them and upload my app again and check if I received this warning again or not to see if it was solved? I need to solve this because I won't be able to upload more app versions in the following months.
Thank you for being so helpful, it's really appreciated.
Some people have asked me if I solved this, and the short answer is yes, I did. Unfortunately, nobody gave me a specific answer about how to solve it, and the problem is that I think I used a bazooka to kill a fly.
The process for solving this was this:
I updated all Firebase dependencies, I was using these:
com.google.firebase:firebase-crashlytics,
com.google.firebase:firebase-analytics,
com.google.firebase:firebase-perf,
com.google.firebase:firebase-core,
com.google.firebase:firebase-auth,
com.google.firebase:firebase-messaging
I update them using firebase-bom version 30.3.2
Also, I updated other google dependencies, I'm not 100% sure that this affected the solution, however, I want to document all just in case you are also using them, and you can consider it out.
com.google.android.gms:play-services-auth:20.2.0,
com.google.android.gms:play-services-auth-api-phone:18.0.1,
com.google.android.gms:play-services-analytics:18.0.1,
com.google.android.gms:play-services-base:18.1.0,
com.google.android.gms:play-services-location:20.0.0,
com.google.android.gms:play-services-maps:18.0.1
After using these versions, I uploaded the new build and did not see the problem again in the Google console for this version and later
Sorry for not being specific in the needed dependency to be updated, I didn't have a chance to test the combinations to discover them.
All of sudden google console started throwing an error message saying - "At least one of your app or app bundles contain an actions.xml file."
I have searched my entire app, there is no actions.xml.
Also used Analyze Apk tool of android studio to cross verify if any lib or other module may adding the actions.xml.
Here is one troubleshoot link from google (link) it describe the process To accept the Actions on Google Terms of Service.
But question remains the same that project doesn't contain any actions.xml.
Is it a console bug or I am missing anything.
This was very weird but when I tried to upload the apk after sometime it worked perfectly fine without any error messages.
As I rightly mentioned in the question there was no action.xml and action tag anywhere in my entire project.
It seems to be a console bug in my case.
It was a Google Play Console bug:
Thanks for your patience while our team investigated the behavior you experienced.
They have recently made some changes that should fix the problem. With the recent set of changes, please check to see if you are still experiencing the same issue. If so, I will be happy to see how else we can help.
Please ensure to clear your browser's cache and cookies first using the instructions available in our help center before accessing the Play Console again.
My free app directed at children from (0-5) just got rejected from Google Play in its last update. It is not released yet, I'm only releasing internal tests. The issue is the following:
"Issue: Violation of Families Policy Requirements
We have detected that your app collects personal information, however, it was not disclosed in your Play Console. Apps that include children in the target audience must comply with all Families Policy Requirements, which requires that you disclose the collection of any personal information from children in your app, including through APIs and SDKs called or used in your app. "
My app does not contain any ads but instead it has a single IAP (non-consumable) which unlocks the full game. I am using a middleware called Construct 3 to make it and also GameAnalytics to record events such as game completed, errors, etc.
The Required permissions are the following:
android.permission.ACCESS_NETWORK_STATE, android.permission.INTERNET, android.permission.READ_EXTERNAL_STORAGE, android.permission.WRITE_EXTERNAL_STORAGE, com.android.vending.BILLING
So I am not sure what the problem is, to be honest, and I am a bit confused. The mail I received mentioned doing the following:
"Review the App Content > Target audience and content section in your Play Console and be sure to accurately disclose the collection of personal information. And if applicable, you must collect verifiable parental consent before collecting any personal information from children."
So I tried and the only thing regarding the collection of personal information is what they refer to as PII (personal identifiable information). However, I don't collect any personal identifiable information as far as I know unless it's because of GameAnalytics SDK?
Example of fake data I get on GameAnalytics:
{arrival_ts:23:06, country_code:US, data:{android_app_build:3600, android_app_signature:fdg46g465dfg45d4fg654dfg64g, android_app_version:0.0.36, android_bundle_id:com.test.test, android_channel_id:com.android.vending, build:0.0.36, category:session_end, client_ts:45464654, connection_type:wwan, device:Pixel 3, google_aid:dbf5e8ab-488a-4152-afb1-dfgdf556, length:1196, manufacturer:Google, os_version:android 9, platform:android, sdk_version:construct 2.2.3, session_id:c8e3d86c-8519-42f7-a3b4-6465dfgdgf, session_num:32, user_id:dbfdfggfdab-488a-4152-afb1-df45dfg, v:2}, first_in_batch:true, game_id:78269, ip:182.19.58.0}
If anyone has some idea where to look at, that would be really appreciated.
This my post on Stack Overflow, so if it does not have this place here sorry.
We experienced this problem with 2 apps:
First App: I received a message saying that my update was rejected because of the violation on the Family program alleging that it was crashing or giving an error (pretty generic message without any detail at all), I enter in contact on the support form and they send an email asking for me to read the terms and to update my APK number and submit again, I read the terms, I already had complied with everything so I replied saying that, we already comply with everyhting and we tested the APK and OBB installation and game play, all good, please send more details, they replied copying and pasting the same message, I once more insisted and asked for them to explain the problem, they replied asking for update my APK version and submit again, I said this will solve no crashes, please explain what is the problem and the support called Sara highlighted in the message asking to update the APK version, kind of talking with a machine that do not responded what I asked, but I updated my APK version, submitted again and... Worked. Why? For some reason they will not explain, my guess is they just marked my APK as dirty as an attempt to remove apps that the developers don't update, there's no other logical thing I can think off.
Second App: This one I didn't had a happy end as the previous one, I tried the technique of updating the APK version 6 times, none worked, I asked help on the form (many times), they just copy and paste the message about read the Terms, I started to insist for some details, provided them with many proves that my APK+OBB files sent to Google Play are working fine, and asked for any clue about this "problem", like a device model and Android Version that they experienced it (isn't the minimum they suppose to provide us?) but after requesting this many times, for the first time the support guy called Arthur didn't copied and pasted and finally wrote an email, his answer was:
Hi Developer,
Thanks again for contacting the Google Play Team.
As much as I'd like to help, due to policy, I’m not able to provide any more information or a better answer to your question. In our previous email, I made sure to include all the information available to me.
If you have a different question about Google Play policies, please let me know.
Regards,
Arthur
The Google Play Team
It means, he has no information at all about what is the problem, I've trying to solve this for 2 months, our flagship game is threatened of been removed from the store and they can't even explain why, the support team can just copy and paste a generic message without any understanding of our problem and we have no other channel to ask for help.
I'm really disappointed with Google for such poor support for developers.
Hope you can solve your problem updating your APK and submitting again, otherwise you can enter on the same loop as me.
Good luck!
An app I published in Google Play got flagged by Google as being in breach of their malicious behavior policy. Specifically they stated that: “Your app contains the following dynamic code downloading: https://redirector.gvt1.com/edgedl/android/appdatasearch/libAppDataSearchExt_armeabi_v7a.v7.so”
I was completely unaware of this behavior and would like to remedy the situation. However, even after a few days researching this subject online, I still have no idea how to locate the root cause and fix it.
The google play support team can’t or won’t give any more information/guidance other than the statement above.
I suspect this behavior could stem from one of the external libraries used in the project (since I don’t perform this action directly in my code), but have yet to find the way to check this hypothesis
Does anyone have any advice on how to proceed?
Any diagnosis tools that monitor this sort of behavior by an app?
Thank You,
For a while now I've had a warning on my developer console regarding a MoPub security vulnerability. It comes from my mediation ad network (Appodeal). However, I have long since receiving this warning removed ALL ads from the application and resubmitted quite a few new apk versions, but the warning persists.
When I say i've removed all ads, I mean all external libraries (including MoPub), all code & anything declared in the manifest. I can't figure out what is lingering in the app that is triggering off this warning. Usually after posting an update the warning will go away for a few hours after submission, and then return. It's doing my head in.
What, precisely, do I need to do to stop this warning message? Thanks in advance.
Here is a Google Help link explaining the issue: https://support.google.com/faqs/answer/6345928
You shouldn't remove Mopub, you just need to update Appodeal sdk.
You can find the link to the new sdk version here (native android): http://www.appodeal.com/sdk/documentation?framework=1&full=1&platform=1#p_2
And also you can write to Appodeal support chat about any technical questions :)