SMS, CALL_LOG Permissions and Contacts Provider API Changes

We are constantly reviewing our Android and Google Play policies, tools, APIs, and programs to ensure a safe and secure ecosystem. As part of these ongoing reviews, this week we are announcing two changes that will be enforced starting January 2019:

  1. CALL_LOG and SMS Permission Policy Change

We have always asked developers to limit permission requests to those needed for their app functionality. For that purpose we are introducing a new Google Play Developer policy that limits how the SMS and CALL_LOG permissions are accessed and used.

Policy: Restrict access to Call Log and SMS Permissions & Data

  • Use of these permissions will be subject to a core app purpose requirement; disallowing any non-core app or service use, including the improvement or operation of other apps or services.
  • Only apps whose core functionality is an allowed use case should seek to access the SMS and CALL_LOG permissions.
    • You can view eligible use cases as well as Permissions Declaration Form process details on the Play Console Help Center.
    • Apps will have until January 9, 2019 to successfully complete and receive approval for Permissions Declaration Forms.
    • In certain cases, additional considerations may be made for Carrier or OEM apps. If there is a use case for which SMS and / or Call Log is critical that is not referenced on the Help Center, please contact your TAM to discuss.
  • Pre-granted and pre-loaded apps should continue to go through the existing process.

For many developer use cases of SMS, there is a viable alternative that enables the same use cases in a way that limits non-necessary access to user data:

  • With the SMS Retriever API, you can perform SMS-based user verification in your Android app automatically, without requiring the user to manually type verification codes, and without requiring any extra app permissions.
  • With SMS Intent, your app can communicate with another app component. You can use the SMS Intent Action to initiate an SMS or MMS text message, and specify message details such as the phone number, subject, and message body.

Detailed information about these changes can be found here:

We are confident these changes are good for users and the Android ecosystem as a whole. All developers who access SMS and CALL_LOG permissions should revisit their use cases to make sure they abide by these new guidelines.

  1. Contacts Provider API Changes

Additionally our system will periodically clear data written to the following fields, starting Jan 2019:

Data from the following fields no longer return frequent contacts:

Consequently, they do not influence the ranking of contacts returned from the following URIs:

  • CONTENT_FILTER_URI
  • ENTERPRISE_CONTENT_FILTER_URI

If your apps are accessing or updating these fields or APIs, use alternative methods.  For example, you can fulfill certain use cases by using private content providers or other data stored within your app or backend systems.

The following set of adb commands can be used to test the contacts interactions clear change:

Delete interactions

adb shell content delete --uri content://com.android.contacts/contacts/delete_usage

Adding interactions

adb shell content query --uri content://com.android.contacts/data --projection _id --where 'data4=\"+14257777777\"' # (the number here must be E164)

adb shell content update --uri 'content://com.android.contacts/data/usagefeedback/349?type=call' --bind x:s:x # (349 here is the result from previous query - the ID)

Querying interactions

adb shell content query --uri content://com.android.contacts/data --projection times_contacted:last_time_contacted --where '_id=349'  # (349 here is the result from previous query - the ID)

Querying frequent contacts

adb shell content query --uri content://com.android.contacts/contacts/frequent

Detailed information can be found here:

作者: RESSRC

个人资源站

发表评论

邮箱地址不会被公开。 必填项已用*标注

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据