Google Changes Developer & App Guidelines For Security


Google has announced that their security protocols in relation to developers and apps in the Play Store will be changing in response to recent security threats. Specifically, Google is making some changes to the processes involved in verifying developers' intentions with traditional and web apps, as well as the steps taken to verify an app before it lands in the Play Store. The changes are aimed at providing greater security for users, which means a bit of additional work and longer wait times for developers. Web applications will also end up needing a bit more review time depending on their function and permissions, with some needing between 3 and 7 business days for Google to review them by hand.

Web apps that require special user permissions are hit the hardest by the new verification rules. While awaiting review, they'll simply show an error message instead of the usual prompt for a user to accept requested permissions. Reviews can be requested during the testing phase for now, but Google will enable developers to request a review during the registration phase at some point. Developers of traditional apps will see their works come under additional scrutiny regarding naming, and any content that could mislead a user, intentionally or otherwise. Google did not mention an increase in turnaround time for these apps going into the Play Store, but until all the bugs are worked out of the system, developers can expect to see error messages in the API Console, App Script, and Firebase Console.

These changes come on the heels of a powerful and clever phishing attack that was aimed at Google Docs users. By hooking a fake Docs app into Google's real login system, the fraudulent app's developer was able to get their hands on the login information of many an off-guard user. Obviously, this gave the hacker the ability to access any part of the victim's digital life that they had previously linked to their Google Account, up to and including social media and financial applications. For many, full-on identity theft became possible. A move like this ensures that such an attack won't happen again, but social engineering attacks will always keep growing more clever and convincing.

Share this page

Copyright ©2017 Android Headlines. All Rights Reserved.

This post may contain affiliate links. See our privacy policy for more information.
Senior Staff Writer

Daniel has been writing for Android Headlines since 2015, and is one of the site's Senior Staff Writers. He's been living the Android life since 2010, and has been interested in technology of all sorts since childhood. His personal, educational and professional backgrounds in computer science, gaming, literature, and music leave him uniquely equipped to handle a wide range of news topics for the site. These include the likes of machine learning, Voice assistants, AI technology development news in the Android world. Contact him at [email protected]

View Comments