Threat actors often leverage fleeceware or fake apps to drop malware on consumers’ devices. Usually, cybercriminals use these kinds of apps to break into users’ devices and obtain access to sensitive financial data. Google promptly removes such fraudulent apps from the Play Store whenever security experts report them.
In its latest Developer Program Policy update, Google announced that it is going to prevent apps from viewing the other apps installed on an Android device. The search engine giant stated that it wants the list of apps installed on a device to be private from other apps to boost users’ data security.
Why did Google initiate this move?
Certain apps can transfer users’ app data to third-party developers without consent. Threat actors often misuse this option to find out users’ financial data, political interests, or dating profiles. With Google’s new initiative, apps will be limited in what they can learn about what is installed on users’ mobile devices. Hence, from May 5, 2021, consumers and developers will have to provide a reason to get access to app information.
The new initiative also restricts the QUERY_ALL_PACKAGES permission, which gives visibility into the apps installed on a device.
“If your app does not meet the requirements for acceptable use, you must remove it from your app’s manifest to comply with Play policy. If your app meets the policy requirements for acceptable use of the QUERY_ALL_PACKAGES permission, you will be required to declare this and any other high-risk permissions using the Declaration Form in Play Console,” Google said.
“Apps that fail to meet policy requirements or do not submit a Declaration Form may be removed from Google Play. If you change how your app uses these restricted permissions, you must revise your declaration with updated and accurate information. Deceptive and non-declared uses of these permissions may result in a suspension of your app and/or termination of your developer account,” Google explained.
Which apps can use the QUERY_ALL_PACKAGES permission?
Certain applications can make use of the QUERY_ALL_PACKAGES permission if their core user purpose requires broad visibility into installed apps on the device. Apps like file managers, browsers, and antivirus apps, along with banking apps, digital wallets, and other finance-based apps, will be allowed to access other apps’ data.
Cases that won’t be permitted to request the QUERY_ALL_PACKAGES permission include:
- Where use of the permission is not directly related to the core purpose of the app. This includes Peer-to-Peer (P2P) sharing. P2P must be the core purpose of the app to qualify as a permitted use.
- When the data is acquired for the purpose of sale.
- When the required task can be done with a less broad app visibility method.
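One way to check an app against the policy above is to audit its decoded AndroidManifest.xml for the broad permission versus Android's scoped `<queries>` declaration. This is an added example, not code from Google or the original article. The sample manifests, package names and the `audit_manifest` helper are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
BROAD = "android.permission.QUERY_ALL_PACKAGES"

# Constructed sample manifests (not taken from any real app).
BROAD_SAMPLE = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
</manifest>"""

SCOPED_SAMPLE = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.sharesheet">
  <queries>
    <package android:name="com.example.partnerapp"/>
    <intent><action android:name="android.intent.action.SEND"/></intent>
  </queries>
</manifest>"""


def audit_manifest(manifest_xml):
    """Classify how a decoded manifest requests visibility into other apps."""
    # For manifests from untrusted APKs, parse with a hardened XML parser.
    root = ET.fromstring(manifest_xml)
    perms = {el.get(ANDROID + "name") for el in root.iter("uses-permission")}
    # <queries> scopes visibility to named packages or matching intents.
    packages = [p.get(ANDROID + "name") for p in root.findall("queries/package")]
    actions = [a.get(ANDROID + "name")
               for a in root.findall("queries/intent/action")]
    if BROAD in perms:
        verdict = "broad: declare in Play Console or remove from manifest"
    elif packages or actions:
        verdict = "scoped: visibility limited to <queries> entries"
    else:
        verdict = "none: no package visibility requested"
    return {"package": root.get("package"), "broad": BROAD in perms,
            "packages": packages, "actions": actions, "verdict": verdict}


if __name__ == "__main__":
    for sample in (BROAD_SAMPLE, SCOPED_SAMPLE):
        print(audit_manifest(sample))
```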