New Google Play policy cuts both ways

[harlan4096]

Not long ago, Google Play introduced a new requirement for apps. Programs are no longer allowed to request access to calls and SMS messaging if they can do without. The restriction is set to become even tougher, and soon only apps for calling and texting will be allowed to ask for these permissions. For now, however, the rule has a fairly long list of exceptions.

Developers were given until March 9 to bring their products in line with Google’s amended policy. We examine why the new requirement is a double-edged sword.

Excessively user-data-hungry apps

That Android apps often want more rights than they need for normal operation is not hard to verify: Glance at the list of permissions that they request during installation. Why, for example, does the AliExpress online store need to record audio? Or look at your call log?

Even major brands abuse permissions sometimes, and it should come as no surprise that apps from little-known or totally unknown publishers are even worse. Some of them could well be malicious and use access to calls and SMS messages to steal data and money. For example, malware that can send and receive SMS all by itself will have no trouble signing you up for some paid service or intercepting a message from a bank with a one-time-use code.

Google Play bets on security

Google says that the objective of these restrictions is to protect user privacy. The logic is simple: Bona fide developers prefer to give up unnecessary permissions than be barred from a software marketplace used by hundreds of millions of people. Meanwhile, malicious SMS interceptors and call spyware have nowhere to go but out. Great news all around, don’t you think? Unfortunately, life is not that simple.

Continue Reading