Permission Declaration Form for SMS in Android - android

My question is not how to implement SMS in android. I just want to get clarification regarding a post which says something about removing apps from Google store that ask for SMS permission for those that have not submitted a permission Declaration form.
https://android-developers.googleblog.com/2019/01/reminder-smscall-log-policy-changes.html …

The permission declaration form is more or less useless. Google wants to remove all Apps which use read/write SMS from the store.
There are a few cases in which the declaration form helped. Tasker was allowed to use read/write SMS but that was an exception because Tasker is very popular.
If you want to use read/write SMS in your App you won't be able to publish it on the Play Store. Google won't allow it.
This all happened because some developers from India and China used read/write SMS for illegal activities.
There still are ways to send SMS from your App but you are not allowed to use read/write SMS permission or do it automatically from you App.
Read more here:
https://proandroiddev.com/no-more-sms-call-log-permissions-now-what-9b8226de7827

The Answer suggested above worked for me. I used an Intent to open the default SMS app. And yes the permission declaration form is real. So i will advice looking for an alternative to figure out the problem.

Related

App Approval for SMS and Call log Permission

I All, I have created a very simple app for Auto SMS reply. The main objective of this application is to automatically send back a SMS when someone is unavailable to read or respond to that SMS.
The main issue is that It's not getting approved on Google Play Store as it is not fall under their policy.
I have implemented the disclosure form or activity about SMS permissions also that user without using granting that permission not able use that app. Added the privacy policy also that it's collecting or transferring any information to third party.
Can someone help me on this? How can I get approval for this android app on Google Play Store? Under which category I can put my app for approval?
Thanks,
Gaurav Kapoor
Google restricts the usage of the SMS permissions group to either the default SMS app or the one of permitted use-cases.
You can check the list of permitted use-cases here:
https://support.google.com/googleplay/android-developer/answer/10208820?hl=en
When you submit an app to Google Play that requests the user for the SMS permission, you must fill out a form in Google Play Console with the specific use-case your app is using, or else it'll be automatically denied.
From your explanation of the app's purpose it might go under 2 permitted use-cases: Device automation or In-vehicle hands-free use, but you probably know best which one to choose.
Then, it will be up to the Google reviewer that will check your app to decide whether or not your app's use-case is indeed what you claim it to be and is permitted to use SMS.

Google play store removed my app due to sms permission

Here I have an android application its core functionality is forwarding incoming text messages (SMS) to E-Mail Inbox, there it requires RECEIVE_SMS permission. my app is removed from the play store due to the google play policy violation. SMS_permission is mandatory in my application.
I submitted an appeal to google play, their response is given below
...
I’ve reviewed your appeal request and found that your app still violates Google Play Policy. I’ve included details below about the specific issue with your app and what you can do to get your app back on Google Play.
Issue
During review, we found that your app violates the Permissions policy :
You may only request permissions that are necessary to implement critical features or services currently available in your app. You may not use permissions that give access to user or device data for undisclosed, unimplemented, or disallowed features or purposes. SMS and Call Log Permissions are subject to additional restrictions; in order to use these permissions, you must first receive approval from Google Play.
For example, we found that your app contains :
RECEIVE_SMS
...
please tell how can I republish the application in to playstore with those sms permissions
Yes Google removed apps which have READ_SMS permission.
Try to implement using Google API,
You don't need READ_SMS permission anymore after that.
Have a look at this Google code,
https://developers.google.com/identity/sms-retriever/overview
There are quite a few rules regarding privacy around these permissions and sometimes it's hard to understand, but maybe this will help. First of all:
Google Play restricts the use of high risk or sensitive permissions, including the SMS or Call Log permission groups.
Assuming that your app needs some of these permissions in order to work properly, Google says that it needs to be set as the default phone/sms handler. The app has to be registered as the default handler BEFORE the permission is requested and stop using them once the app is not the default handler anymore.
However, this is not the case for your app. You need access to that information, but your app cannot be set as a handler for sms/calls. In this case, an exception can be made for your app, provided that you satisfy two requirements: you have no other way to achieve the same behaviour (checks for your app) and the use case you implement can be found in the list of excepted use cases (see the Exceptions section from the link above). Here is a little bit tricky because there is no use case that clearly matches your app, but I think that you might be able to use Cross-device synchronization or transfer of SMS or calls (make sure that you check the list in detail and select the one that best fits your app).
Now, the final step is here:
If you believe your app meets the policy requirements for acceptable use or is eligible for an exception, you should declare any Call Log or SMS permissions directly through the Play Console.
Details about the process can be found here and if you did all of these, then your request will be sent to the Google Play team, they will review it and decided if your app will be published or not.
P.S. Make sure that you clearly indicate why your app needs those permissions.

Unable to publish application in Google Play using Send_SMS

My Android application required to access "sms_send" permission which is stated on my application project manifest, that's why I checked
the following permission (Default SMS handler and Default Assistant handler) from the Google Permission Declaration Form. But I tried to publish many times still my publish won't succeed. This error message appeared:
App rejected. "Your recent app submission was rejected for violating
the Permissions policy. Before submitting your app for another review,
read through the policy and make sure your app is in compliance"
Any help would be highly appreciated. Thanks in advance.
Yes call history permission and sms permission became restrictive since last October, my application is also delisted because of this. Google now only allows default SMS app or companion app to use sms. It is not your fault.
had you checked this page already?
https://support.google.com/googleplay/android-developer/answer/9047303?hl=en
I don't know what your app's main category part, but many apps were rejected after google's restricts rule change.
hope this answer may help for you

Issue: Violation of Permissions policy remove app by google

I'm trying to release an app on google play console. There one declaration form which is required 19 option core functionality. But the problem is that I have to remove previous all permission.
When app review rejects my app send me auto-generated mail.
After reviewing your app, we found that it doesn’t qualify to use the requested permissions for the following reason(s):
Based on our review, we found your app’s expressed user experience did not match your declared core functionality Default SMS handler (and any other core functionality usage while default handler). Please remove these permissions from your app.
Default handler capability was listed on your declaration form, but your app does not appear to have default handler capability. Please submit a revised declaration form.
What I'm missing?
Please help me out.
Fill-up google docs for permission.
Make sure your permission is given in manifest and give the pop up in user level.
Contact google developers for Details.
See this
Google has blocked some permissions like READ_CALL_LOG, WRITE_CALL_LOG and SMS related permissions. Basically they are saying that if you are trying to send SMS or handle Calls like TrueCaller, submit your application we will take a look at it.
I think they are aiming for quality application that are developed by viable developer companies or individuals. Also, SMS phishing and similar harmful applications are automatically ereased from Play Store.
Also if you have a beta or alpha with permissions you need to remove them too. To be sure remove the apks with harmful permissions from artifact library to be sure.

Permissions policy that will limit which apps are allowed to request Call Log and SMS permissions

Today I got a mail like this, according to this I’m not able to use RECEIVE_SMS READ_SMS anymore in my app. In my app I’m using auto read OTP. Is there any solution for this?
Hello Google Play Developer,
In October, we announced updates to our Permissions policy that will
limit which apps are allowed to request Call Log and SMS permissions.
This policy will impact one or more of your apps.
Only an app that has been selected as a user's default app for making
calls or text messages, or whose core functionality is approved for
one of the exception use cases, will be able to request access to Call
Log or SMS permissions.
Action required
Below, we've listed apps from your catalog which do not meet the
requirements for permission requests. Please remove any disallowed or
unused permissions from your app's manifest (specified below), migrate
to an alternative implementation (e.g. SMS Retriever API for most
cases of OTP verification), or evaluate if your app qualifies for an
exception.
Next steps
Read through the Permissions policy and the Play Console Help Center
article, which describes intended uses, exceptions, invalid uses, and
alternative implementation options for usage of Call Log or SMS
permissions.
Update your app or submit a Permissions Declaration Form.
Option 1) If your app does not require access to Call Log or SMS
permissions: Make appropriate changes to your app by removing the
specified permissions from your app's manifest or migrating to an
available alternative implementation by January 9, 2019.
Option 2) If your app is a default handler or you believe your app
qualifies for an exception: Please submit a request via the
Permissions Declaration Form. You do not need to have implemented APK
changes in order to submit a form. Declaration Forms received by
January 9, 2019 may be eligible for additional time to make changes to
bring their app(s) into compliance. If you have recently submitted a
Permissions Declaration Form, we are in the process of reviewing your
information and will respond to your application.
Make sure that your app is otherwise compliant with all other
Developer Program Policies to prevent your app from being removed.
Alternatively, you can choose to unpublish the app.
Our Developer Program Policies are designed to provide a safe and
secure experience for our users while also giving developers the tools
they need to succeed. That is why we will remove apps that violate our
policies. In cases of repeated or serious violations of our policies,
we may also terminate your developer account and any related developer
accounts.
We appreciate your willingness to partner with us as we make these
improvements to better protect users.
Affected apps
Affected apps and permissions are listed below, up to 20; if you have
additional apps, please ensure that they are also compliant with the
Permissions policy.
this one is also a solution.. without submitting form we have another solution .. for this we need to genarate app id..
SMS Retriever Api
This is really new headache for developers
While updating my app to play store with new version code i can't found to fill permission declaration form.
I'm not using SMS and call log permissions any more but still i can't able to update my app.
How I solve this problem hope it helps some one
First check if you have any alpha,beta or any other active testing tracks.
If you have then go to artifact library and see how many active artifacts you have.
Go through permissions of each of them if you find the sms or call log permission in any of them then that means you found the problem.
Deactivated the track if you can.
If you can't able to deactivate them create an APK with those permission and upload it to the track which contain APK with those permission previously in the artifact library.
Then you will see the permission declaration form fill that form choose no when it asked did your app follow Google play store permission policy then roll out your application.
Then do same for all the active tracks without permission and this time you can choose Yes in declaration form and choose the option for which you use those permission previously I'm using for OTP verification so I choose that one.
After updating these all tracks you need to promote your app to production one by one with increasing order of version code at last only one active artifact track, only production and now you can update in that track only.
Hope it help some one.......
If your app not using those permissions and the third-party library using some kind of those permission use below code for avoiding those permissions. it may affect those library smooth functioning
<uses-permission
android:name="android.permission.RECEIVE_SMS"
tools:node="remove" />
<uses-permission
android:name="android.permission.READ_SMS"
tools:node="remove" />
<uses-permission
android:name="android.permission.SEND_SMS"
tools:node="remove" />
or else you can use alternate methods in the answers, example
SMS Retriever Api
Its not like that you are thinking about. Go to this link
and fill up and submit the from. If you app's default function is to show SMS inbox or just OTP account verification, then they will not remove your app.
Google is no more allowing more apps with SMS permission due to security and privacy issue. So if you need Phone No verification then
Firebase Auth is the best option. It's almost free
Limit:Verification code SMS messages 50 messages/IP address/minute, 500 messages/IP address/hour
https://firebase.google.com/docs/auth/android/phone-auth
According to google "You may only request permissions that are necessary to implement critical current features or services in your application. You may not use permissions that give access to user or device data for undisclosed, unimplemented, or disallowed features or purposes".
Click Here To Read Official Google Permission Doc
If your app need to read sms for SMS-based user verification / OTP verification please use SMS Retriever API which does not needed any sms permission and your app can still read SMS for OTP verification.

Categories

Resources