The Anti-virus Times

So, I received this message today and was stunned as soon as I read it: In short: if your application uses READ_CALL_LOG, WRITE_CALL_LOG, PROCESS_OUTGOING_CALLS, READ_SMS, SEND_SMS, WRITE_SMS, RECEIVE_SMS, RECEIVE_WAP_PUSH, or RECEIVE_MMS and is not the default app for SMS and calls, it won't be able to use these permissions.

There is also this part of the message I don't quite understand: migrate to an alternative implementation (e.g., SMS Retriever API for most cases of OTP verification). Is there a way to access SMS data without requesting those permissions? If there is, I know nothing about it.

And here is why I'm so worried: our company has been using an Android app to send instructions to our employees via SMS. And now, since that is no longer allowed, how can we make the application retrieve SMS data associated with a specific phone number?

Hello Google Play Developer,

In October, we announced updates to our Permissions policy that will limit which apps are allowed to request Call Log and SMS permissions. This policy will impact one or more of your apps.

Only an app that has been selected as a user's default app for making calls or text messages, or whose core functionality is approved for one of the exception use cases, will be able to request access to Call Log or SMS permissions.

Action required

Below, we've listed apps from your catalog which do not meet the requirements for permission requests. Please remove any disallowed or unused permissions from your app's manifest (specified below), migrate to an alternative implementation (e.g. SMS Retriever API for most cases of OTP verification), or evaluate if your app qualifies for an exception.

Next steps
Read through the Permissions policy and the Play Console Help Center article, which describes intended uses, exceptions, invalid uses, and alternative implementation options for usage of Call Log or SMS permissions.

Update your app or submit a Permissions Declaration Form.

Option 1) If your app does not require access to Call Log or SMS permissions: Make appropriate changes to your app by removing the specified permissions from your app's manifest or migrating to an available alternative implementation by January 9, 2019.

Option 2) If your app is a default handler or you believe your app qualifies for an exception: Please submit a request via the Permissions Declaration Form. You do not need to have implemented APK changes in order to submit a form. Declaration Forms received by January 9, 2019 may be eligible for additional time to make changes to bring their app(s) into compliance. If you have recently submitted a Permissions Declaration Form, we are in the process of reviewing your information and will respond to your application.

Make sure that your app is otherwise compliant with all other Developer Program Policies to prevent your app from being removed.
Alternatively, you can choose to unpublish the app.

Our Developer Program Policies are designed to provide a safe and secure experience for our users while also giving developers the tools they need to succeed. That is why we will remove apps that violate our policies. In cases of repeated or serious violations of our policies, we may also terminate your developer account and any related developer accounts.

We appreciate your willingness to partner with us as we make these improvements to better protect users.

Affected apps

Affected apps and permissions are listed below, up to 20; if you have additional apps, please ensure that they are also compliant with the Permissions policy.

Source

Exceptions to Call Log and SMS Default Handler restrictions

The objective of the above restrictions is to protect user privacy. We may grant limited exceptions to the default handler requirement in cases when an app is not the default handler, but abides by all of the above requirements and clearly and transparently provides a highly compelling or critical feature where there is currently no alternative method to provide the feature. Such features will be evaluated against any potential privacy or security impact on users.

Source

Now Android device owners will have more control over their data: they will be able to select which portion of their information will be accessible to applications. Under its Project Strobe initiative, Google updated its permission policy for Google Play software developers: now the call log and SMS permissions are only accessible to the phone and message applications that the user has selected as default call and messaging apps.

Source

Doctor Web is notifying users about Dr.Web Security Space Life’s sudden removal from Google Play.

It has been negotiating with Google for all the application features to remain available to users. However, currently Dr.Web Security Space Life is not available on Google Play.

Source

Apple demanded that the developer remove features facilitating control over applications and blocking access in Safari.

In an article on Kaspersky's blog, the company said Apple only objected to its Safe Kids app after the iPhone maker launched Screen Time for iOS 12. The new feature allegedly had functions similar to Kaspersky's parental control program.

Source