I installed a new application to release it to the play console. I installed Apk. First, I uploaded it to the open beta channel, but it always seems to be under review.
Later, after installing each apk, I get an e-mail about application permissions, they say that they do not comply with their privacy and sensitivity policies.
These appear in the permissions required by apk on the play console:
android.permission.ACCESS_NETWORK_STATE, android.permission.INTERNET, android.permission.READ_EXTERNAL_STORAGE, android.permission.WAKE_LOCK, android.permission.WRITE_EXTERNAL_STORAGE, com.google.android.c2dm.permission.RECEIVE
This is the content of mail:
Requested permissions do not match core functionality of the app
You declared Select Carrier Services and Device Automation as the core functionality of your app. However, after review, we found that your app does not match the declared use case(s). Learn more about permitted uses and exceptions.
Please either:
Make changes to your app so that it meets the requirements of the declared core functionality or,
Select a use case that matches your app’s functionality
Sensitive permission
Your app does not qualify for use of the requested permissions. Permission requests should make sense to users. You may only request permissions that are necessary to implement critical current features or services in your application. You may not use permissions that give access to user or device data for undisclosed, unimplemented, or disallowed features or purposes.
This is the my AndroidManifest.xml and permissions:
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE" />
If anyone has an idea or can help I would be very glad.
Although I changed it 8 times and installed the apk, I did not get approval for how many days and I constantly receive the mail I sent the content above, every time I send an apk..
Related
I have Submitted my app on google play console: the app send SMS containing command to a device installed on user boat (Secure the engine, open close Doors, water pump) and send SOS with the exact user location in case of danger
but my app got rejected: "Requested permissions do not match core functionality of the app
You declared Device Automation as the core functionality of your app. However, after review, we found that your app does not match the declared use case(s)."
1 -I submitted Sensitive permissions and APIs:
Device Automation, Physical safety / emergency alert apps (I tried those permission one by one and both)
2 - I submitted policy:
https://www.termsfeed.com/live/b70cbc94-adc7-41ca-88de-8d3c0a8d5878
3 - In App Manifest permission
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION" />
<uses-permission android:name="android.permission.SEND_SMS"/>
I tried several times, without success could you help me solve the problem ?
My app has been rejected by google play for requesting access to the user's background location, but I'm not sure where they are getting that from.
In my manifest I've got this
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION" tools:node="remove" /> (< just added this one, still got rejected)
The required permissions (apk) listed on google play
android.permission.ACCESS_COARSE_LOCATION,
android.permission.ACCESS_FINE_LOCATION,
android.permission.ACCESS_NETWORK_STATE,
android.permission.ACCESS_WIFI_STATE,
android.permission.INTERNET,
android.permission.READ_APP_BADGE,
android.permission.READ_EXTERNAL_STORAGE,
android.permission.WAKE_LOCK,
android.permission.WRITE_EXTERNAL_STORAGE,
com.anddoes.launcher.permission.UPDATE_COUNT,
com.google.android.c2dm.permission.RECEIVE,
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE,
com.htc.launcher.permission.READ_SETTINGS,
com.htc.launcher.permission.UPDATE_SHORTCUT, com.huawei.android.launcher.permission.CHANGE_BADGE,
com.huawei.android.launcher.permission.READ_SETTINGS,
com.huawei.android.launcher.permission.WRITE_SETTINGS, com.majeur.launcher.permission.UPDATE_BADGE,
com.oppo.launcher.permission.READ_SETTINGS,
com.oppo.launcher.permission.WRITE_SETTINGS,
com.sec.android.provider.badge.permission.READ,
com.sec.android.provider.badge.permission.WRITE,
com.sonyericsson.home.permission.BROADCAST_BADGE,
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE,
me.everything.badger.permission.BADGE_COUNT_READ,
me.everything.badger.permission.BADGE_COUNT_WRITE
I'm using #react-native-community/geolocation to pull the users location, only after they have granted their permissions. So I'm trying to think if there was something that I missed, but the app was accepted two weeks ago.
Anyone dealt with this recently?
Upon further digging i've found that the apk 22074 is listed as active, but I don't seem to be able to delete it or deactivate it. .
Update #2
So it looks like the three APKs that they mention are in violation are listed in my Closed Testing releases. I have stopped the tracks, but nothing has changed, as I'm still getting emails from google play telling me that the app is asking for background permissions (it's not afaik).
App removed from google play store due to the following reason:
APK HAS A PROMINENT DISCLOSURE BUT THE DISCLOSURE IS NOT ADEQUATE Your app is uploading users' Contact information to
https://domen.com without an adequate disclosure.
Because of application is for international call app we are using a lot of permissions
<uses-permission android:name="android.permission.USE_CREDENTIALS" />
<uses-permission android:name="android.permission.CALL_PHONE" />
<uses-permission android:name="android.permission.WRITE_CONTACTS" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.INTERNET" />
The application does not upload information about the user's contact ("Address Book").
In a not google mentioned that the Contact data is sent to our host.
I feel your pain; Google Play rejection is often arbitrary and getting to the bottom of it (with an actual human on the other end) is next to impossible. That said, Google Play support is considered off-topic here. This question will probably be closed soon enough.
That said, extra permissions are not the reason. What you probably have is a genuine case of an HTTP request with some information that originates in the contact list. As far as I can tell, Google's screening robot uses some kind of data path analysis internally. Obfuscating the data path (by using reflection and such) might get you off the hook.
One more data point: my app was once delisted over an old version in the beta channel. The beta version from a couple of years ago had a behavior that Google once tolerated but then didn't (a direct link to an APK). Once I've replaced the version in the beta channel, Play was happy again. See if you have something like that. The takedown notice I've got from them didn't make it clear.
The Reason For Rejection after a over 2 months Struggle is cause of Non Compliance of the apps in any of the stages Internal / Closed / Open Testing / Production
Please make sure once the app is Removed by google ,the roll out the release to 100% & Make sure all the Internal / Closed / Open Testing / Production have the version which is complaint with the Google Policy.
with "Google bots" taking over approval process and if u enter this Policy Loop and will never be able to reach the Contacts to find help.
Recently I tried to publish an app in Google Play Store, but I am receiving the following error and my app is getting rejected every time.
I have removed all the SMS related permissions only basic permissions required are included in the app, and I have used some 3rd party libraries like PayPal, Payumoney.
Please find the reference link below for more information regarding the updated Google Policy:
Privacy, Security, and Deception
If you cannot disable adding this permission by a dependency you can explicitly remove it from merged manifest like this:
<uses-permission
android:name="android.permission.READ_PHONE_STATE"
tools:node="remove" />
I am developing an application which has a number of components, each component will be a separate Android app. The "Core" app will use content providers to offer access to the database, and reading the permissions documentation "Signature" protection is the way I want to go.
I've defined a group for my permission, mainly so my permissions would show up nicely against my own icon in the "Permissions" section of the App Info. with android:protectionLevel="normal" they show up just fine. But when I use the android:protectionLevel="signature" they disappear.
<permission-group
android:name="com.example.permissions.GROUP"
android:label="#string/lblGroup"
android:description="#string/descGroup"
android:icon="#drawable/ic_menu_permissions_group" />
<permission
android:name="com.example.permission.CONFIG_READ"
android:permissionGroup="com.example.permissions.GROUP"
android:protectionLevel="signature"
android:label="#string/lblConfigRead"
android:description="#string/descConfigRead" />
<permission
android:name="com.example.permission.CONFIG_WRITE"
android:permissionGroup="com.example.permissions.GROUP"
android:protectionLevel="signature"
android:label="#string/lblConfigWrite"
android:description="#string/descConfigWrite" />
Given that I am currently developing and, therefore using the developers key, are there some other hoops I need to jump through in order to get the "signature" protection level to work for developers?
As always many thanks for your help
Steve
But when I use the android:protectionLevel="signature" they disappear.
That is because the user does not need to approve them. Signature-level permissions are automatically granted and denied based upon the signatures of the apps.
are there some other hoops I need to jump through in order to get the "signature" protection level to work for developers?
It already works, for your own apps. If "developers" are third parties, you cannot use signature-level permissions, as they will be signing with their own signing keys.