Im getting this error when Im adding apk to alpha and beta in play store.
Production is normal.
I found this answers.
Google play console said "You can't edit this app until you create a new app release declaring sensitive permissions" how to fix it?
Warnings Your Apk Is Using Permissions That Require A Privacy Policy: (android.permission.READ_PHONE_STATE)
Neither Im using read_phone_state permission nor sms,call log permissions
I have attached screen shot my google play store account below.
I cant see where the real problem is. This page says only just there is an error.
Thats my all permissions
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.CALL_PHONE" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
<uses-permission android:name="android.permission.WRITE_CONTACTS" />
<uses-permission android:name="android.permission.BLUETOOTH" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
<uses-permission android:name="android.permission.CHANGE_WIFI_MULTICAST_STATE" />
<uses-permission android:name="android.permission.AUTHENTICATE_ACCOUNTS" />
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
<uses-permission android:name="android.permission.MANAGE_ACCOUNTS" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" />
<uses-permission android:name="android.permission.RECORD_AUDIO" />
<uses-permission android:name="android.permission.WRITE_SETTINGS"
tools:ignore="ProtectedPermissions" />
<uses-permission android:name="android.permission.READ_SYNC_STATS" />
<uses-permission android:name="android.permission.READ_SYNC_SETTINGS" />
<uses-permission android:name="android.permission.WRITE_SYNC_SETTINGS" />
<uses-permission android:name="android.permission.BROADCAST_STICKY" />
<uses-permission android:name="android.permission.READ_LOGS"
tools:ignore="ProtectedPermissions" />
<uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW" />
<uses-permission android:name="android.permission.READ_PROFILE" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
In our case, we were thinking that we did not have "Read SMS/Call log" permissions in our app yet, and had the same error. But we were planning to include such features into our app, so we sumbitted the sensitive permissions declaration form previously via Google Forms link (before it was integrated into Play Console) and got a decline.
So our solution was:
1. Add READ_SMS permission to our apk and increase version code
2. Publish new apk in alpha channel and declare that the release did not comply with the new regulations (in the permission declaration form). After this the error went away.
3. Publish updated APK with this permission removed (which was our goal in the first place)
After step 2 the error went away, so we were able to release our planned apk to production.
Update:
It turned out we had an old apk with "Read SMS" permission in our alpha channel. So you can use these instructions to trigger declaration form, but you will still need to delete this apk later in order to comply new rules. This is what we did, after that error went away.
I solved it by following these steps,
Create a release and instead of uploading new apk/bundle select anyone from the library which has SMS or call permissions.
Fill up all the necessary details and the declaration form, save and review.
Now go to release management and edit this release and upload the new apk/bundle which you were supposed to upload.
Now you wont see any error messages.
Fill in all the details, save,review and rollout.
Do you have an alpha or beta release? Check If those releases have sensitive permissions, then release to production.
We were seeing this error even though our current release doesn't use these permissions because we had released an old version that did to an internal test track. We deactivated all previous APKs and the error was resolved.
You are declaring the permissions which are necessary that application ask during run time, according to the android policy you have to declare them before uploading the APK, in your case you took that permission i.e camera, record audio. Here you can get more help.
As to this article all apps that not meet the new policy and not remove or grant this permissions with google via declaration : https://docs.google.com/forms/d/e/1FAIpQLSfCnRaa4b1VuHhE4gVekWJc_V0Zt4XiTlsKsTipTlPg5ECA7Q/closedform may be removed from google play store and not be able to update currently existing one.
From your manifest permissions list you can see you asking for sms and phone related permissions : READ_CONTACTS, CALL_PHONE
Please see the following instructions to submit the declaration form:
A1. Go to the Console > App release > Click ‘Create a release’ > Upload a new APK that you want to release
A2. Retain the current version of APK
A3. Click ‘Add from library’ > Upload all active APKs to cover all permissions across the tracks in your app
You can find active APK in Release management > Artifact library
A4. Fill out the Permissions Declaration Form for extension
‘Compliance status’ > check “No, this release does not meet the SMS and Call log”
‘Declarations’ > check all
A5. Click "Save" at the bottom of the page
After that, please stay on the same page and follow the next steps:
B1. Deactivate and remove ONLY the old APKs which you do not want to release.
B2. Click "Save" again then select "Review"
B3. Then, you'll be able to release a new version of APK by clicking "Start Roll Out" button.
After finished all the steps, if your APK does NOT have sensitive or high-risk permissions anymore, please skip the steps below(C1~4) and no additional action is required. However, if you uploaded the new APK with sensitive or high-risk permissions, please note that your app will be removed after Mar 9, 2019.
If your new APK has sensitive or high-risk permissions & you want to utilize the permission after Mar 9, you need to finish the additional step to submit the declaration form to enable further review.
C1. After the new APK release(Step B1~3), please go to the Console > App release > Click ‘Create a release’
C2. Click ‘Add from library’ > Select the APK(which will be utilized after Mar.9)
C3. Retain newly updated APK in step B3
C4. Fill out Permissions Declaration Form (not for extension),
‘Compliance status’ > check “Yes, this release meets the SMS and Call log”
Choose core functionalities as well
C5. Submit the form by Clicking “Save” at the bottom of the page
Also, to make sure your app be safe after Mar 9, please do not forget to update all the APKs(with sensitive or high-risk permission) in other track with the same steps.
I have the permissions setup in my AndroidManifest.xml file that look like this:
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
However, everytime I run cordova build android, then cordova run android the permission in system settings for app storage is disabled. Why isn't this option automatically enabled when I have my manifest file setup with the above config?
I have an app which makes use of wifi permissions only but ever since I moved to android studio, the compiled apk of my app uses two more extra permissions, that is phone calls/phone id and SD read/write.
I have no idea how and why those permissions have been added to my app but many users complain about that.
My app uses google analytics from google play services and appcompat. I also make use of this line
deviceId = Secure.getString(ctx.getContentResolver(), Secure.ANDROID_ID);
Any ideas? I don't want those extra permissions they scare my users away
Here is the content of manifest file
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
<uses-permission android:name="com.android.vending.BILLING" />
Studio is adding permissions appropriate to the classes / features that you are using in your project.
Update
Here is a related question that focuses on manifest merging config
Testing my Android app (made in Unity) on the live store shows that it requests "Device ID & call information". As far as I can tell, I don't request these permissions. Here are the permissions I request in my AndroidManifest.xml file. Is this a permission required for all apps? Or is it hidden under one of these other permissions?
<uses-permission android:name="com.android.vending.BILLING" />
<uses-sdk android:minSdkVersion="9" android:targetSdkVersion="19" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
Thanks!
I just spent an absurd amount of time trying to resolve this so figured I would share with anyone out there going through a similar agony.
Removing the permissions from your manifest will not necessarily remove them from the final build. Unity auto-detects required permissions from all included libraries. The libraries which are most likely causing you to have this permission included are from the Facebook sdk.
If you want to keep the Facebook sdk in the build, there's a relatively straightforward solution. Remove the Facebook SDK (completely) and install a version <= 7.80. For whatever reason, the changes to the sdk in 7.9+ prompt Unity to auto-include the READ_PHONE_STATE permission which triggers the Device ID & Call Information permission warning in google play.
I have an Mobile AIR project in FlashBuilder 4.6(Using AIR 3.4) and I am having a real problem publishing an APK. Here is the section from my APP XML:
<manifestAdditions><![CDATA[
<manifest android:installLocation="auto">
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.READ_PHONE_STATE"/>
<uses-permission android:name="android.permission.DISABLE_KEYGUARD"/>
<uses-permission android:name="android.permission.WAKE_LOCK"/>
</manifest>
]]></manifestAdditions>
For some reason, when I create an APK, the INTERNET permission is being tacked on the end of the manifest permissions block. Note that the application.xml in the asset/META-INF/AIR folder still looks correct.
Any ideas where I am going wrong?
After a lot more searching, I found my own answer:
Note: When you bundle the runtime, ADT adds the INTERNET and
BROADCAST_STICKY permissions to your application. These permissions
are required by the AIR runtime.
BROADCAST_STICKY seems to no longer be required, but apparently when using captive runtime we cannot get around this.