In its latest update, Google has said that app developers will have to furnish a substantial reason for why it should let them access other apps on users’ smartphones, according to Arstechnica. Most apps on the smartphone can actually see every other app that is installed on our device, thus accessing sensitive information, such as banking information, password management, and political affiliation among a host of other personal and sensitive data. Google has now announced that it plans to change this blanket access system on its Play Store from May 5.
Currently, 11 apps on Android request the “Query_All_Packages” permission to see the full list of apps one has stored on one’s device. Google has since updated its Developer Programme Policy, restricting which apps are allowed to use the permission.
“Apps that have a core purpose to launch, search, or interoperate with other apps on the device may obtain scope-appropriate visibility to other installed apps on the device,” Google said. However, there’s an exception for financial apps such as banking apps and P2P wallets, which the page says “may obtain broad visibility into installed apps solely for security-based purposes”.
If any app meets the policy requirements for acceptable use of the “Query_All_Packages” permission, the user will be required to declare this and any other high-risk permissions using the declaration form in the Play Console.
“Apps that fail to meet policy requirements or do not submit a Declaration Form may be removed from Google Play. Important: If you change how your app uses these restricted permissions, you must revise your declaration with updated and accurate information,” Google has warned in its note.
“Deceptive and non-declared uses of these permissions may result in a suspension of your app and/or termination of your developer account,” Google adds. For apps that needs to interact with other apps, Google wants developers to use app-discovery APIs instead of just pulling the entire app list.