Google Play Store Announces New Standards In Countering Misinformation And Improving Security

 

Google has unveiled new Play Store policies designed to reduce the spread of misinformation, limit advertiser behaviour, address alarms, VPNs & impersonation issues and enhance security.

The app marketplace is constantly in flux, and app store proprietors must adjust their policies accordingly to keep up. Today, Google announced a bevy of Google Play Store policies that will go into effect over the coming months.

These changes extend to different areas, where they may result in small to significant impacts for both developers and users of the app.

Some of these changes will be apparent only to developers - like restrictions on showing advertisements in certain unexpected ways.  However, other changes like subscription interruptions should be immediately apparent to users.

About these policy updates, Google stated, “All new and existing apps will receive a grace period of at least 30 days from July 27, 2022 (unless otherwise stated) to comply with the following changes.”

The policies that came into effect are:

  1.      
    1. Impersonation Effective August 31, 2022
    2. Better Ads Experiences  Effective September 30, 2022
    3. Subscription Management, Cancellation & Refunds Effective September 30, 2022
    4. Flag Secure Requirements Effective November 01, 2022
    5. Families Self-Certified Ads SDK Program Effective November 01, 2022
    6. Exact Alarm Permission Effective July 31, 2023
    7. Ads and Monetization  Date Not Specified
    8. Restrictions to Stalkerware  Date Not Specified
    9. VPN Service  Date Not Specified

     

Let’s briefly look at each of these policies and understand what they state and what impact they can have on a user or a mobile app developer.

1) Impersonation - Effective August 31, 2022

What Does This Policy State?

Android Play Services will not permit apps that deceive users by imitating someone else, for example, another developer, company, or entity. They strictly suggested not to give the impression that your app is connected to or endorsed by someone that it is not, and to be mindful not to use app icons, descriptions, titles, or in-app elements that could lead users to believe your app's relationship to someone else or another app is something it is not.

Impact on Users/ Developers:

Every application would be needed to have its uniquely identifiable brand image. More important than that, fake It would decrease any confusion on the user front when 

2) Better Ads Experiences - Effective September 30, 2022

What Does This Policy State?

Inspired by the Better Ads Standards - Mobile Apps Experiences guidelines, some restrictions on showing ads were drafted. For example - Advertisements that appear during the game, play at the beginning of a level, or during the beginning of a content segment are not permitted.

Impact on Users/ Developers:

Because advertisements must comply with Google’s high standards, users can be confident that they will not be surprised or frustrated by unexpected ads when using Google Play apps.

3) Subscription Management, Cancellation & Refunds - Effective September 30, 2022

What Does This Policy State?

If you provide subscriptions in your app(s), you must clearly disclose how a user can manage or cancel their subscription within the app. Your app must also provide users with a straightforward way to cancel their subscription online. 

Impact on Users/ Developers:

Users will experience an improved, easier way to manage their in-app subscriptions.

4) Flag Secure Requirements - Effective November 01, 2022

What Does This Policy State?

The FLAG_SECURE display flag indicates that an app's UI contains sensitive data that should only be displayed on a secure surface, such as the app itself. This flag is designed to prevent data from appearing in screenshots or from being viewed on non-secure displays.

Applications classified as Accessibility Tools are not subject to this requirement, provided they do not send, save, or cache FLAG_SECURE protected content for use beyond the user's device.

All other applications distributed through Google Play are required to respect the FLAG_SECURE declaration of other apps. This means that apps must not enable or create workarounds to bypass the FLAG_SECURE settings of other apps.

Impact on Users/ Developers:

Developers use this flag when the app's content should not be broadcast, viewed, or transmitted outside of the app or users' device, improving a secure & private app experience for the users.

5) Families Self-Certified Ads SDK Program - Effective November 01, 2022

What Does This Policy State?

If your app's target audience includes children (as defined in Family Policy), then you must only use ad SDKs that have self-certified compliance with Google Play policies. If your app's target audience includes both children and older users, you must use self-certified ads SDKs to show ads to children. Apps designed for the Families program are required only to use self-certified ads SDKs.

Impact on Users/ Developers:

As a developer, you will have to self-certify that all new version releases of your app meet the latest Google Play Developer Program Policies, including Families Policy Requirements.

6) Exact Alarm Permission - Effective July 31, 2023

What Does This Policy State?

New permission, USE_EXACT_ALARM, will be introduced with Android 13 (API target level 33), granting apps access to exact alarm functionality. This permission is Applicable to alarm, timer, and calendar kinds of apps and is restricted permission.

Impact on Users/ Developers:

Apps that declare this restricted permission are subject to review, and those that do not meet the acceptable use case criteria will be disallowed from publishing on Google Play.

7) Ads and Monetization -  Date Not Specified

What Does This Policy State?

Your app's monetization and advertising must not contain any deceptive content or be designed in a way that will result in accidental clicks from child users. If you're monetizing an app that targets children on Google Play, it's essential that your app follows the Families Ads and Monetization Policy Requirements.

Impact on Users/ Developers:

Google Play will re-authenticate all users before any in-app purchases in apps participating in the Designed for Families program. This is to help ensure that the person responsible for paying, not the children, approves purchases.

8) Restrictions to Stalkerware - Date Not Specified

What Does This Policy State?

This policy applies to apps that are only meant for monitoring another person. For example, parents who want to keep track of their kids or enterprise management for employee monitoring. These apps are not allowed to track anyone else (like a spouse) even if they have permission, and their activity is constantly displayed.

These apps must have the IsMonitoringTool metadata flag in their manifest file to show that they are designated as monitoring apps.

Impact on Users/ Developers:

It will help to minimize the impact of digital abuse through stalkware.

9) VPN Service - Date Not Specified

What Does This Policy State?

The VPN service is a base class that provides the security and functionality needed to create a secure device-level tunnel to a remote server. This makes it an essential tool for apps that use VPN as their core functionality, with a few exceptions specified in the google play policies.

Impact on Users/ Developers:

Core VPN apps will remain unaffected; however, as app researcher, Mishaal Rahman observed, apps that block tracking, such as DuckDuckGo’s App Tracking Protection, could be impacted. The company has stated that they do not see any effect on the tool yet but will continue monitoring the situation.

In addition to new policies, they also shared clarification on these 10 pre-existing policies:

1. Child Endangerment

2. Families Policy Requirements

3. Health Content and Services

4. Illegal Activities

5. Misleading Claims

6. Inappropriate Ads

7. Made for Ads

8. Gambling Apps

9. Sensitive Events

10. Data safety section

If you’re keen on knowing about these changes, feel free to read through the Developer Program Policy: July 27, 2022 announcement by Google.

Takeaway

It is positive that Google is taking measures to prevent the use of stalkerware and similar apps. However, inevitably, some normal apps will also be affected by these changes. For instance, will the search engine DuckDuckGo now be in trouble because its app has a VPN that can block ads on a device?



Published on Aug 4, 2022
Shivani Dhiman
Written by Shivani Dhiman
Content Marketing Manager at Appknox

Questions?

Chat With Us

Using Other Product?

Switch to Appknox

2 Weeks Free Trial!

Get Started Now