Along with making adjustments to improve the privacy profile of apps on its Play Store, Google is also attempting to improve security with the impending policy changes.
Previously, Google’s Device and Network Abuse policy allowed it to take action against apps that “interfere with, disrupt, damage, or access in an unauthorized manner the user’s device, other devices or computers, servers, networks, application programming interfaces (APIs), or services.”
Google’s policies also prohibited Google Play apps from altering or upgrading themselves outside of the Google Play update system, as well as introducing or exploiting security flaws.
Following the release of the security company’s findings, Mintegral deleted the MTGBaseBridgeWebView code, Snyk stated, and the China-based ad-tech business has subsequently written about its support for Apple’s SKAdNetwork attribution API, implying it may have corrected the claimed rules breaches.
Mintegral’s SDK presently complies with Apple and Google’s respective store rules, but we haven’t received a response.
After being checked by Google Play’s “Bouncer” malware scanning, they were able to enable harmful functionality.
There will be a particular restriction against the abuse of translated languages starting in mid-October. And it could help if Google makes a concerted attempt to enforce its policies.
Another significant policy change is that personal data used in Google Play apps must be disclosed and accurate. Google’s existing User Data policy suggests but does not explicitly mandate accuracy – a need set out in other sections on Misrepresentation and Deceptive Behavior.
The correct disclosure obligation goes into effect on April 1, 2022, which is April Fool’s Day in the United States, the United Kingdom, and a number of other nations.