My Android application required to access "sms_send" permission which is stated on my application project manifest, that's why I checked
the following permission (Default SMS handler and Default Assistant handler) from the Google Permission Declaration Form. But I tried to publish many times still my publish won't succeed. This error message appeared:
App rejected. "Your recent app submission was rejected for violating
the Permissions policy. Before submitting your app for another review,
read through the policy and make sure your app is in compliance"
Any help would be highly appreciated. Thanks in advance.
Yes call history permission and sms permission became restrictive since last October, my application is also delisted because of this. Google now only allows default SMS app or companion app to use sms. It is not your fault.
had you checked this page already?
https://support.google.com/googleplay/android-developer/answer/9047303?hl=en
I don't know what your app's main category part, but many apps were rejected after google's restricts rule change.
hope this answer may help for you
Related
Here I have an android application its core functionality is forwarding incoming text messages (SMS) to E-Mail Inbox, there it requires RECEIVE_SMS permission. my app is removed from the play store due to the google play policy violation. SMS_permission is mandatory in my application.
I submitted an appeal to google play, their response is given below
...
I’ve reviewed your appeal request and found that your app still violates Google Play Policy. I’ve included details below about the specific issue with your app and what you can do to get your app back on Google Play.
Issue
During review, we found that your app violates the Permissions policy :
You may only request permissions that are necessary to implement critical features or services currently available in your app. You may not use permissions that give access to user or device data for undisclosed, unimplemented, or disallowed features or purposes. SMS and Call Log Permissions are subject to additional restrictions; in order to use these permissions, you must first receive approval from Google Play.
For example, we found that your app contains :
RECEIVE_SMS
...
please tell how can I republish the application in to playstore with those sms permissions
Yes Google removed apps which have READ_SMS permission.
Try to implement using Google API,
You don't need READ_SMS permission anymore after that.
Have a look at this Google code,
https://developers.google.com/identity/sms-retriever/overview
There are quite a few rules regarding privacy around these permissions and sometimes it's hard to understand, but maybe this will help. First of all:
Google Play restricts the use of high risk or sensitive permissions, including the SMS or Call Log permission groups.
Assuming that your app needs some of these permissions in order to work properly, Google says that it needs to be set as the default phone/sms handler. The app has to be registered as the default handler BEFORE the permission is requested and stop using them once the app is not the default handler anymore.
However, this is not the case for your app. You need access to that information, but your app cannot be set as a handler for sms/calls. In this case, an exception can be made for your app, provided that you satisfy two requirements: you have no other way to achieve the same behaviour (checks for your app) and the use case you implement can be found in the list of excepted use cases (see the Exceptions section from the link above). Here is a little bit tricky because there is no use case that clearly matches your app, but I think that you might be able to use Cross-device synchronization or transfer of SMS or calls (make sure that you check the list in detail and select the one that best fits your app).
Now, the final step is here:
If you believe your app meets the policy requirements for acceptable use or is eligible for an exception, you should declare any Call Log or SMS permissions directly through the Play Console.
Details about the process can be found here and if you did all of these, then your request will be sent to the Google Play team, they will review it and decided if your app will be published or not.
P.S. Make sure that you clearly indicate why your app needs those permissions.
I'm publishing an Android app on Google Play Store and I have enabled sms permission in the manifest. After publishing it, Google rejected the app with the below information:
Issue: Violation of Permissions policy After reviewing your app, we
found that it doesn’t qualify to use the requested permissions for the
following reason(s):
Based on our review, we found your app’s expressed user experience did
not match your declared core functionality {Default SMS handler (and
any other core functionality usage while default handler), Default
Phone handler (and any other core functionality usage while default
handler)}. Please remove these permissions from your app.
Default handler capability was listed on your declaration form, but
your app does not appear to have default handler capability. Please
submit a revised declaration form.
As of the recent change to the application privacy policy, to view sms messages, your application must be the default sms handler. As stated in this reminder by Google.
You can submit a declaration for outlining why your app uses the sms permissions but it's unlikely that they will accept it, only a few use cases get approved.
You can remove this permission from manifest and remove run-time asking permissions and after updating your version code and version name. you have to push your app on alpha,beta or Internal test track first and then move it to production.
just add sms call permission in your manifest with tools:node="remove" tag and remove it from asking at run-time.
<uses-permission android:name="android.permission.SEND_SMS" tools:node="remove" />
after adding this Google play console will not ask you to fill up the permission declaration form.
if you still faces any issues you can chat live with google play console team or communicate with them through mail
https://support.google.com/googleplay/android-developer/answer/7218994?hl=en
Wait for some time if you get message like "Chat support is currently not available." it will update after some time.
If you're using any SMS or CALL_LOG related permission you need to submit a Permissions Declaration Form for your app.
check this and this for more info
There are two answers to this question
Answer 1.
If you roll out a release using the Google Play Developer Publishing API and Google Play has not previously approved your APK or App Bundle's use of high risk or sensitive permissions, you will receive an error.
To continue managing releases using the Publishing API, you must either remove any high risk or sensitive permission requests from your app and create a new release with the revised APK or App Bundle or prepare and roll out your release using the Play Console web UI, following these steps:
Upload your APK or App Bundle with high risk or sensitive permissions requested
Complete the Permissions Declaration Form as above
Complete the rollout of the release using the Play Console web UI
If you still need the sms permission as well as other sensitive permission declaration in you manifest,
You can also Fill and submit a Permissions Declaration Form for your app and create a new case during the process. Google will review your reasons for requesting those permissions and get back to you. Do not rollout a new update until you've received a reply from Google else, your app will be rejected again.
If you still need the sms permission to be declared in your manifest, you can fill the Permissions Appeal Form by clicking on the link below:
https://support.google.com/googleplay/android-developer/contact/permissions
I'm trying to release an app on google play console. There one declaration form which is required 19 option core functionality. But the problem is that I have to remove previous all permission.
When app review rejects my app send me auto-generated mail.
After reviewing your app, we found that it doesn’t qualify to use the requested permissions for the following reason(s):
Based on our review, we found your app’s expressed user experience did not match your declared core functionality Default SMS handler (and any other core functionality usage while default handler). Please remove these permissions from your app.
Default handler capability was listed on your declaration form, but your app does not appear to have default handler capability. Please submit a revised declaration form.
What I'm missing?
Please help me out.
Fill-up google docs for permission.
Make sure your permission is given in manifest and give the pop up in user level.
Contact google developers for Details.
See this
Google has blocked some permissions like READ_CALL_LOG, WRITE_CALL_LOG and SMS related permissions. Basically they are saying that if you are trying to send SMS or handle Calls like TrueCaller, submit your application we will take a look at it.
I think they are aiming for quality application that are developed by viable developer companies or individuals. Also, SMS phishing and similar harmful applications are automatically ereased from Play Store.
Also if you have a beta or alpha with permissions you need to remove them too. To be sure remove the apks with harmful permissions from artifact library to be sure.
While I am updating an app on Play store. I am getting following error according to the new policy of Google:
I have also checked all the options that are available, but again and again, Google rejects my application.
I am new to Android.
Issue: Violation of Permissions policy
After reviewing your app, we found that it doesn’t qualify to use the requested permissions for the following reason(s):
Based on our review, we found your app’s expressed user experience did not match your declared core functionality {SMS-based financial transactions (e.g., 5 digit messages), and related activity including OTP account verification for financial transactions and fraud detection}. Please remove these permissions from your app.
This is my manifest containing permissions I have declared
SMS permission is no more allowed to read OTP as android is going to give this feature to users out of the box.
You have to register as a messaging app to get SMS and CALL_LOG permissions.
So recently, Google changed its policies, read it at XDA
Same thing happened with my app, It got removed from play store, for using SMS features.
You need to remove those permissions from Android Manifest and if you need to send a message to someone, you need to use Intents to form a message and fill out the messaging app and user has to manually send the message.
Or if you are trying to access SMS permission for automatic OTP, there are other ways to do it.
As it turns out, you need to fill a form. Read this article from Google and refer to this answer on StackOverFlow
Do not update your minSdkVersion in this release. You need to rollout removal of permissions for all of your users.
Try deactivating previous versions of your apk on play console. If you updated minSdkVersion of your app and did not deactivate older apks, older devices are still served the apk with permissions.
This worked for me!
Today I got a mail like this, according to this I’m not able to use RECEIVE_SMS READ_SMS anymore in my app. In my app I’m using auto read OTP. Is there any solution for this?
Hello Google Play Developer,
In October, we announced updates to our Permissions policy that will
limit which apps are allowed to request Call Log and SMS permissions.
This policy will impact one or more of your apps.
Only an app that has been selected as a user's default app for making
calls or text messages, or whose core functionality is approved for
one of the exception use cases, will be able to request access to Call
Log or SMS permissions.
Action required
Below, we've listed apps from your catalog which do not meet the
requirements for permission requests. Please remove any disallowed or
unused permissions from your app's manifest (specified below), migrate
to an alternative implementation (e.g. SMS Retriever API for most
cases of OTP verification), or evaluate if your app qualifies for an
exception.
Next steps
Read through the Permissions policy and the Play Console Help Center
article, which describes intended uses, exceptions, invalid uses, and
alternative implementation options for usage of Call Log or SMS
permissions.
Update your app or submit a Permissions Declaration Form.
Option 1) If your app does not require access to Call Log or SMS
permissions: Make appropriate changes to your app by removing the
specified permissions from your app's manifest or migrating to an
available alternative implementation by January 9, 2019.
Option 2) If your app is a default handler or you believe your app
qualifies for an exception: Please submit a request via the
Permissions Declaration Form. You do not need to have implemented APK
changes in order to submit a form. Declaration Forms received by
January 9, 2019 may be eligible for additional time to make changes to
bring their app(s) into compliance. If you have recently submitted a
Permissions Declaration Form, we are in the process of reviewing your
information and will respond to your application.
Make sure that your app is otherwise compliant with all other
Developer Program Policies to prevent your app from being removed.
Alternatively, you can choose to unpublish the app.
Our Developer Program Policies are designed to provide a safe and
secure experience for our users while also giving developers the tools
they need to succeed. That is why we will remove apps that violate our
policies. In cases of repeated or serious violations of our policies,
we may also terminate your developer account and any related developer
accounts.
We appreciate your willingness to partner with us as we make these
improvements to better protect users.
Affected apps
Affected apps and permissions are listed below, up to 20; if you have
additional apps, please ensure that they are also compliant with the
Permissions policy.
this one is also a solution.. without submitting form we have another solution .. for this we need to genarate app id..
SMS Retriever Api
This is really new headache for developers
While updating my app to play store with new version code i can't found to fill permission declaration form.
I'm not using SMS and call log permissions any more but still i can't able to update my app.
How I solve this problem hope it helps some one
First check if you have any alpha,beta or any other active testing tracks.
If you have then go to artifact library and see how many active artifacts you have.
Go through permissions of each of them if you find the sms or call log permission in any of them then that means you found the problem.
Deactivated the track if you can.
If you can't able to deactivate them create an APK with those permission and upload it to the track which contain APK with those permission previously in the artifact library.
Then you will see the permission declaration form fill that form choose no when it asked did your app follow Google play store permission policy then roll out your application.
Then do same for all the active tracks without permission and this time you can choose Yes in declaration form and choose the option for which you use those permission previously I'm using for OTP verification so I choose that one.
After updating these all tracks you need to promote your app to production one by one with increasing order of version code at last only one active artifact track, only production and now you can update in that track only.
Hope it help some one.......
If your app not using those permissions and the third-party library using some kind of those permission use below code for avoiding those permissions. it may affect those library smooth functioning
<uses-permission
android:name="android.permission.RECEIVE_SMS"
tools:node="remove" />
<uses-permission
android:name="android.permission.READ_SMS"
tools:node="remove" />
<uses-permission
android:name="android.permission.SEND_SMS"
tools:node="remove" />
or else you can use alternate methods in the answers, example
SMS Retriever Api
Its not like that you are thinking about. Go to this link
and fill up and submit the from. If you app's default function is to show SMS inbox or just OTP account verification, then they will not remove your app.
Google is no more allowing more apps with SMS permission due to security and privacy issue. So if you need Phone No verification then
Firebase Auth is the best option. It's almost free
Limit:Verification code SMS messages 50 messages/IP address/minute, 500 messages/IP address/hour
https://firebase.google.com/docs/auth/android/phone-auth
According to google "You may only request permissions that are necessary to implement critical current features or services in your application. You may not use permissions that give access to user or device data for undisclosed, unimplemented, or disallowed features or purposes".
Click Here To Read Official Google Permission Doc
If your app need to read sms for SMS-based user verification / OTP verification please use SMS Retriever API which does not needed any sms permission and your app can still read SMS for OTP verification.