Google today announced a series of policy updates for apps distributed through the Play Store. The most impactful sees Google limit most developers from seeing which Android apps are installed on your device.
As part of its ongoing work to restrict the use of high risk/sensitive permissions, Google is limiting what apps can use the QUERY_ALL_PACKAGES permission that “gives visibility into the inventory of installed apps on a given device.” This applies to apps that target API 30+ on devices running Android 11 and newer. Enforcement was originally meant to occur earlier, but delayed in light of COVID-19.
Play regards the device inventory of installed apps queried from a user’s device as personal and sensitive information, and use of the permission is only permitted when your app’s core user facing functionality or purpose, requires broad visibility into installed apps on the user’s device.
Applications that can continue to use the permission include device search, antivirus, file managers, and browsers. Developers are asked to “sufficiently justify why a less intrusive method of app visibility will not sufficiently enable your app’s policy compliant user facing core functionality.”
Visibility to the inventory of installed apps on a device must be directly related to the core purpose or core functionality that users access within your app.
Meanwhile, temporary exceptions will be granted to dedicated banking and digital wallet apps so that they can “obtain broad visibility into installed apps solely for security based purposes.”
Invalid use cases explicitly referenced by Google today include:
Where use of the permission is not directly related to the core purpose of the app.
This includes Peer-to-Peer (P2P) sharing. P2P must be the core purpose of the app in order to qualify as a permitted use.
When the data is acquired for the purpose of sale.
When the required task can be done with a less broad app visibility method.
This policy to limit access to the list of installed Android apps will come into effect on May 5, 2021.
Leave a Reply