I was trying to add a logic in my application so that I can stop or avoid my application from Piracy \ Copied
I don't own a google play developer's account and I am curious to know that is google provide any kind of information about user who had downloaded my application ? An email id of user maybe?
Anything which can be used to authenticate any user ?
Apologies for the off-topic question.
That's a good question !
I search a little and the answer is in the Developer Distribution Agreement for Android.
It's says in the 9th point that personal data, including store and devices utilisation data can be use (As well as others data, but no mentions of them...) respecting the Google Privacy Policy.
9.1 In order to continually innovate and improve the Store, Google may collect >certain usage statistics from the Store and Devices, including but not limited >to, information on how the Store and Devices are being used.
9.2 The data collected is examined in the aggregate to improve the Store for >users and Developers and is maintained in accordance with Google's Privacy >Policy. To ensure the improvement of Products, limited aggregate data may be >available to you upon written request.
BUT e-mail informations and other sensible data like this must be wrote down. So don't worry
Related
I've come across a collection of android apps that utilise a questionable practice.
With the help of misleading ads user gets tricked into buying an app via SMS service (with prices up to 10 EUR). Afterwards the user then can enter an activation code in the free app distributed on Google Play store.
The entire operation is in grey-area, because it is the user itself who sends the SMS and is responsible for the cost. Due to the nature of the ads, its mostly unsuspecting older people that get tricked into this, because they assume that they must do it or they'll have problems with their device.
In app functionality being sold outside of the app store would most likely be a violation of Apple Store and the app could be reported.
I am wondering if there's similar rules for Play Store, so that this practice could be reported to Google.
The short answer is that Google allows this practice for now, but they are already working on changing it. From my experience, Google allows devs to use any payment/licensing model that their app requires. However, this is subject to change and the end results will be something similar with Apple's policy.
From their support page, it seems that from January 2021, they require that all new apps will use the GooglePlay IAP API. Existing apps have until the end of September to make the switch. As with any other policy, there are some exceptions, but please check the official page to receive the correct information.
My app uses Admob ads and Google Analytics. Do these collect any sensitive information for which prominent disclosure needs to be provided?
Is it necessary to show an age gate at app start to make sure the user is at least 13 years old?
You need to look at both to determine what kind of data they collect from your users.
AdMob and Google Analytics collects data that can serve behavioral marketing (remarketing) and you're required to disclose this to users and provide them with information how to opt-out of Google's remarketing:
https://support.google.com/admob/answer/2753860?hl=en&ref_topic=2745287
https://developers.google.com/analytics/devguides/collection/
Just doing some quick googling, I found this page that gives some information on admob and COPPA requirements. I want to say that I've never seen an app that uses admob give me some coppa notice, and google analytics would generally only be data you collect from users on who is using your app (general, like age, gender, location, etc) and how. Unless you are specifically targeting ages <13, imo you should be fine.
Background
I've written a game which I wish to run on multiple devices (tablets, phones, etc.). I've implemented an in-app currency, and have come to the stage where I need to store currency in the cloud so it can be accessed across devices and I can deal with conflicts etc.
I would like to go for the easiest option which, to me at least, means using some kind of available API provided, say, by Google, and not using my own server. I've come across the following possibilities:
Google AppState API (now deprecated)
Google Saved Games API
Google Drive API
Google Cloud Platform.
(1) is now deprecated and developers are directed to use the Saved Games API instead.
(2) actually seems to be a great solution because it deals with game Achievements, Leaderboards, and storage of custom data (such as in app currency). However, I see a problem with this in that in the Play Games App, there is an option to delete the player's profile, which would also delete in-game currency ! So, while (2) seems great, there is the possibility that currency data could be potentially deleted. Maybe this could be put in ther T&C's, something like "if you delete your profile you will lose any unspent currency and any purchased items"...
(3) Using the Drive API seems like an option, but then after reading online there seems to be many problems such as duplicate file names, potential for user to delete files, etc.
(4) I'm not sure about this option, but it looks like I may have to pay?
There also seems to be these deprecation schedules on some API's too.
My question
So faced with these (and possibly other not listed) options, what is a good solution to achieve cloud based in app currency? I am trying to avoid having my own server which records each user's currency/data, but maybe that's the only good solution? I want to try to reduce the ability to cheat the system.
Additional thoughts
I could use a Google Saved Games API and Saved Preferences (stored on the device) approach. I would update both Saved Preferences and Google Saved Games. I could keep both data storage methods synchronized, and if the Saved Games data did not match the Saved Preferences, then merge the Saved Prefs with the Saved Games data (e.g. set Saved Games and Saved Prefs to the maximum currency of either). This would enable me to keep a backup of currency on the device in case the user ever deleted their Saved Games profile. This would fail, however, if the user deleted their Saved Games profile, and removed the app from all devices... so many options...
Related/Interesting posts
Ricket's answer here is interesting.
Possible Compromise Solution
Due to the constraints imposed by the IAB systems and the API's available, I think I'm going to settle for this: use managed items for permanent purchases, e.g. different level themes, obtaining new characters, etc. That way these will always be available no matter what happens. Once they are purchased they are purchased forever, i.e. I will never consume these items. Have a separate virtual money (gem) system with a maximum of 100 gems say, which I keep track of through Saved Games. That way I get leaderboard/achievements too. If the player deletes their profile, that's their problem, but at least the core managed items will persist. Hopefully T&C's will cover the potential gem loss, and the maximum of 100 gems will hopefully help reduce any fall out.
You may want to checkout firebase one of its features is a real time database.
You may want to try Implementing In-app Billing. As mentioned in the documentation:
In-app Billing on Google Play provides a straightforward, simple interface for sending In-app Billing requests and managing In-app Billing transactions using Google Play.
Since, as you've also mentioned that you are trying to avoid having your own server to record your user's currency/data, it will be within your advantage. Here are a few advantages given in the documentation:
In-app billing relies on the Google Play application, which handles all communication between your application and the Google Play server. You just need to make your application request the proper permission to be able to use the Google Play application.
You can use the In-app Billing Version 3 API to track the ownership of purchased in-app products in Google Play.
You even have the option to secure your application because Google Play signs the JSON string that contains the response data for a purchase order to help ensure the integrity of the transaction information that is sent to your application.
Now, if you so decide to use in-app billing, may I suggest to please go through the given documentation and do take note of the important notes, cautions/warning and recommendations. I would also suggest that you read the In-app Billing Overview to familiarize yourself with concepts that will make it easier for you to implement In-app Billing.
Lastly, you may also add Security and Design as one of your references for more information about best practices for security and design. The suggestion in this SO post might also help.
I'd like to republish my app using the same package name under a different account. Can this be done?
Background:
I have read many posts about people post about how they lost their keystore or were banned, and the solution provided to them was to republish their app using a new package name and a new keystore. This is not my situation or what I'm looking to do. I do have my password(s)/keystore.
The motivation:
I have published about a half dozen apps to the market, and now that they are growing in user base, I have realized it was a mistake to publish under my personal google account and now wish to do things as a company/LLC to protect my personal assets/account. To that end, I want to effectively transfer the app to another account. using a new wallet account, admob, etc.
I imagine this would be done by unpublishing from my personal account, resigning and then uploading under a new account.
Policy Considerations:
For those people that have been banned, they are obviously breaking some kind of terms of service by republishing the same thing. I am in good standing with Google currently and don't want to risk anything that might make them upset or give reason to ban. I can not figure out whether or not this is against their TOS/policies. Especially since I am trying to migrate towards that they were advocating.
(As an aside, if it were trivially possible, why wouldn't a malicious user publish the same content under numerous accounts?)
Goal:
Retain userbase and package ID so that when I release new versions under the new account all existing users on my personal account will receive those updates.
Resources:
Developer Program Policy; https://play.google.com/about/developer-content-policy.html
Developer Distribution Agreement; https://play.google.com/about/developer-distribution-agreement.html
(There are other agreements but those two seem most relevant)
Summary question: Can I accomplish this transfer without losing users?
It is possible to transfer the ownership of your apps from one account to another in google play store. I found a blog post that tells you the steps to do so:
Visit this link
Fill out the form completely and accurately
Select “Transfer Applications to Another Account” from the Issue Type drop down
Submit Form
Check your E-Mail and reply with the requested information
Forward the E-Mail to the person accepting the app/game transfer and have them reply as requested
Wait for Google to wave their magic wand
After digging deeper I have discovered this
https://support.google.com/googleplay/android-developer/checklist/3294213?hl=en&ref_topic=3450986
Which may be the answer to transferring. I haven't done it yet, though. Plan to respond when I know it works.
We have an app that exists in the Google Play store that was created by a developer who is no longer at our company. We own the app and want to remove it, but we don't know what Google account the developer used to publish the app to the store.
Is there any way we can find out what account the app is associated with? If we try to log in under Google accounts we think it might be, Google wants to charge us $25 per guess.
If we can't find the account, is there a way to have Google remove the app for us if we can provide sufficient evidence that it's ours?
If the developer is unavailable or uncooperative, and you can prove that this app includes your intellectual property, you can file a DMCA request with Google, asking them to remove it from the GP store. Read the warnings on the page carefully:
http://support.google.com/bin/request.py?&product=androidmarket&contact_type=lr_dmca
You can't pull down the application from Google Play if you don't have the access to the account which is used to upload that application. If you are lucky and the developer who uploaded the app typed his mail as contact developer mail in application in Google Play, maybe in this way trying to send a mail you can find the account which is used to upload the app, but you can't trust that, because most of the developers and companies have different mails for communicating with the customers and it depends on that.
But if you contact to Google and explain them everything and as I told above if you are lucky you can convince them to delete the app from Google Play. Or the best situation in my opinion is to contact the developer who upload the application and ask him to remove it.
Good luck!
Pretty rough situation. I'm not going to advice you to use a corporate google account in the future, but I think the easiest way is to speak with the developer in person. Then explain to him that there are several clauses in his former contract with you, which concern the intellectual property obligations, signed by him.
If you don't have any, or if he was hired on a freelancer contract, with no mentioning of the above, then you'll have the real deal in the court when he sues you for "his" intellectual property (being th application), uploaded by him on the Play Store.
Of course, this is the worse case scenario, but you should consider it.
If you have nothing left, you can contact Google, as Android-Developer above me suggested, but you risk a denial.
It is a really complicated case and I would like to see the result of it, when you settle the things out.