Most of the Android malware scares we hear about originate in shady third-party marketplaces, but that doesn’t mean there’s nothing suspicious in the Play Store. Google has announced a series of changes to make the apps safer and less annoying for users. In fact, one of the first moves will limit how long intrusive video ads can be.
The first change won’t be immediately apparent to users, but it could have a positive impact on your battery. On July 31, Google will begin enforcing stricter limits on the use of exact alarms. An “alarm” in this context is a trigger that wakes up your device so it can perform a task. Any apps targeting the latest version of Android will need to use the new USE_EXACT_ALARM permission if they need to wake your phone from a low-power state without delay. However, only apps that really need this, like timers and event notifications, will be allowed to do so.
Starting Sept. 30, developers will have to limit the length of full-screen video ads. Those are a common feature in free apps, which insert the videos between levels (if you’re lucky) or right in the middle of gameplay (if you’re not). Going forward, these ads must be dismissable after no more than 15 seconds. However, if you’re using an app that lets you watch videos to unlock content or features, those ads can be longer.
At the end of August, Google will implement a number of changes aimed at improving security and safety. For one, the new impersonation guidelines mean apps won’t be able to use misleading icons that make them appear to be affiliated with governments or organizations. Google offers a few examples of icons that will be forbidden after the change. Google will also ban apps that “contradict existing medical consensus” and harm users.
Another August policy change is something I’m surprised Google didn’t ban a long time ago. Android supports a feature called FLAG_SECURE, which allows developers to indicate an app has sensitive information and should not allow screenshots. This is common for streaming and banking apps. Google will no longer permit apps that attempt to bypass this feature to record content on the screen. The lone exception is screen reader accessibility tools.
Finally, Google is cracking down on VPN apps in the Play Store. Beginning on Aug. 31, apps in the Play Store will not be allowed to access the VPN functionality of Android if they are collecting personal information, manipulating traffic, or manipulating ads. Google will still allow some exceptions like apps for parental control, app usage tracking, and network analysis tools. However, there is some concern this could affect valid, privacy-preserving features like DuckDuckGo’s app tracking prevention. Even if that’s not the intention, Google’s app reviewers often apply the rules with little regard for it.