our previous apk has been removed from google play store due to new policy because of we are giving permission for READ, SEND and WRITE SMS. Now we have removed all these permission and trying to deploy this modified apk on play store. When we upload it on play store, google ask some permission like Default SMS handler, Phone handler etc. but out app didn't have such permissions. Google restrict us to select at least one permission and when we continue with one of these permission(we are selecting Default SMS handler), every time google is rejecting our apk and removing our apk from play store.
Can any one guide us to get out this problem?
I have searched over google but unable to find how to set permission for Default SMS handler in android manifest.xml?
If you have permissions which deal with Reading SMS, OR Call Logs it will come under the use of high risk or sensitive permission. Please read that for detail info.
Google Play may provide a temporary exception to apps that aren't Default SMS, Phone, or Assistant handlers when:
Use of the permission provides core app functionality to users.
There is currently no alternative method to provide the core functionality.
You must fill the form and google will approve it.
If you think that this permissions are necessary for your app and not just useless, you can follow the steps mentioned in the official document here.
Related
Hi Developers at Ministerio de Telecomunicaciones Ecuador,
Per last email, your app FirmaEC (ec.gob.firmadigital.firmaec_app) has been rejected from Google Play for not resolving the previously communicated policy issue (copied below for your reference). To resolve this issue and get your app changes published on Google Play, please address the issues highlighted in the earlier email and resubmit the app.
Publishing Status
App Status: Rejected
Your app has been rejected and wasn't published due to the policy issue(s) listed below. If you submitted an update, the previous version of your app is still available on Google Play.
Issue found: Permission use is not directly related to your app's core purpose.
We found that your app is not compliant with how REQUEST_INSTALL_PACKAGES permission is allowed to be used. Specifically, the use of the permission is not directly related to the core purpose of the app.
Issue details
We found an issue in the following area(s):
SPLIT_BUNDLE 15
Additionally, follow these steps to bring your app into compliance:
Please remove the use of REQUEST_INSTALL_PACKAGES permission from your app.
About the Request Install Packages Permission
The REQUEST_INSTALL_PACKAGES permission allows an application to request the installation of app packages. To use this permission, your app’s core functionality must include:
Sending or receiving app packages, AND
Enabling user-initiated installation of app packages.
Permitted functionalities include any of the following:
Web browsing or search
Communication services that support attachments
File sharing, transfer or management
Enterprise device management
Backup and restore
Device migration / phone transfer
The REQUEST_INSTALL_PACKAGES permission may not be used to perform self updates, modifications, or the bundling of other APKs in the asset file unless for device management purposes. All updates or installing of packages must abide by Google Play’s Device and Network Abuse policy and must be initiated and driven by the user.
For more help addressing this issue, read more in our Help Center.
Action required: Submit an updated app for review
Here's what to do to help get your app on Google Play:
Make sure to read the applicable policies or requirements listed below:
Request Install Packages Permission
Make appropriate changes to your app (if possible), and be sure to address the issue described above. You may also want to check your app's store listing for compliance, if applicable.
Double check that your app is compliant with all other Developer Program Policies.
If you made changes to your app bundle, store listing, or APK, please sign in to your Play Console and submit the update(s).
Contact support
If you've reviewed the policy and feel our decision may have been in error, please reach out to our policy support team. We'll get back to you within 2 business days.
try:
App is not compliant with how REQUEST_INSTALL_PACKAGES permission is allowed
We have a app on google play store something like snapchat (Social Networking App) but with advance chat features including app package installs. Our app got removed from playstore because we are using REQUEST_INSTALL_PACKAGES permission and google thinks it's not core purpose of our app. As per the document for REQUEST_INSTALL_PACKAGES permission state
Communication services that support attachments;
can request this permission. Our app has inbuilt chat functions which supports communications with chat attachments(APK). Where whatsapp,telegram etc can have this permission too.
We mentioned this in our policy section
Our app has chat feature which enable users to shares different types
of attachments including APK. To install APK inside our app we need
REQUEST_INSTALL_PACKAGES which help users to share and install APK.
It's same like other messaging app like telegram,whatsapp etc.
And selected communication services that support attachments & file sharing, transfer or management
Which permitted functionality does your app provide section and App functionality in Why does your app need to use the REQUEST_INSTALL_PACKAGES permission section
Are REQUEST_INSTALL_PACKAGES is invalid for our app because every other messaging app having this permission and we are getting rejecting even after appeal. Can anyone put insight on this issue please.
I got an email that is my app is rejected but in my developer console it shows in review, why?
App Status: Rejected
Your app has been rejected and wasn't published due to the policy issue(s) listed below. If you submitted an update, the previous version of your app is still available on Google Play.
Issue found: Not a core feature
The feature you identified that is dependent on this permission does not appear to be critical to the core functionality of your app.
Core functionality is defined as the main purpose of the app. Without this core functionality, the app is "broken" or rendered unusable. The core functionality, as well as any core features that comprise this core functionality, must all be prominently documented and promoted in the app's description.
Please update your app so that the feature does not use this permission or ensure that the core functionality is prominently documented and promoted in the app's description and resubmit your app on Play Developer console.
Additionally, follow these steps to bring your app into compliance:
Read more about Use of All Files Access Permission
See Android storage use cases and best practices
About the All Files Access Permission Policy
Files and directory attributes on a user's device are regarded as personal and sensitive user data subject to the Personal and Sensitive User Data policy and the following requirements:
Apps should only request access to device storage which is critical for the app to function, and may not request access to device storage on behalf of any third-party for any purpose that is unrelated to critical user-facing app functionality.
Android devices running Android "R" (Android 11) or later, will require the MANAGE_EXTERNAL_STORAGE permission in order to manage access in shared storage. All apps that target R or later and request broad access to shared storage ("All files access") must successfully pass an appropriate access review prior to publishing. Apps allowed to use this permission must clearly prompt users to enable "All files access" for their app under "Special app access" settings. For more information on the R requirements, please see this help article.
When I uploaded a new .apk to the Google Play store, its uploaded but even after some time, it rejected my submission saying, "Your recent app submission was rejected for violating the Permissions policy. Before submitting your app for another review, read through the policy and make sure your app is in compliance".
After that, I have updated Apk file with the new version and attached with a video link and its shows your app is not meet with call and SMS permission. Please Help me out this issue how to live my app again. Mainly I have already filled up the google permission form.
enter image description here
We have encountered this problem, when uploaded a new .apk to the Google Play store. Our new apk is meet new Google Permissions Policy about SMS and CALL. We remove these permissions from app completely and provide a video link, but our app update was rejected according to these permissions.
Google support team sent an email to solve this issue as follow;
To solve this issue, you will have to discard the draft artifacts containing sensitive permissions and create a new release without those permissions.
Here is how to check within the Play Console:
Go to Release Management > Artifact Library
Expand Active APKs and Draft APKs
Expand Required Permissions for each APK
You may also want to review the Permissions policy and review the Use of SMS or Call Log permission groups help article, which describes intended uses, exceptions, invalid uses, and alternative implementation options for additional guidance.
I have a simple question as to how can we prevent the user to share an apk file from his/her device to others.Like if i put a paid application in the market and a user downloads it . If its downloaded how can i be sure that he doesn't transfer the application to other or puts it in some third party market . I need to find some security measure to do it for my application.Is there any permissions that needs to be added or any third party security .
All the answers are appreciated.
As I came across this link. How can i prevent LVL
The Google Licensing Manager is what you should use which can be found at http://developer.android.com/google/play/licensing/index.html.
This uses some code that you can put at the start of your application that uses the licensing API to check that your app is licensed. This is done by checking that the account that the user is using on their device has paid for the app via Google Wallet and that a refund has not provided. If it is found to have been paid, then you can let the app run, otherwise you can display an error to the user informing them that it is not licensed. Most apps that do this provide a button that will launch the play store at your app to let them download the legit version.
This doesn't directly stop users copying the APK or publishing it on other markets but it ensures that app cannot be used unless has been purchased by the current user on the Google account they are using.
Although there may be ways to circumvent this check but this is probably the best and most reliable way.
Hope this helps.
You can do something like verify user on your server when app launched, but you cannot force user not to share .apk by technical means. Apk can be easily copied from non-rooted device, and there's absolutely impossible to prohibit user to copy .apk from rooted device even if Google adds some copy protection in future.