Back in December 2017 Google released a statement, with security and reliability in mind they’ve decided to make big changes to the quality of apps they allow on their store.
Google will require that new apps and updates target a recent Android API level from Q3 onwards
No longer can apps ignore new security requirements like runtime permissions, It’s only now as the deadline approaches that companies are beginning to look at their own apps and get concerned.
Some notable changes and dates:
- Runtime permissions (6.0)
- Doze/Svelte, memory management (6.0)
- Implicit intents for bindService() no longer supported (5.0)
- User CAs not trusted by default for secure connections (7.0)
- Apps can’t access accounts without explicit user approval (8.0)
- August 2018: New apps required to target API level 26 (Android 8.0) or higher.
- November 2018: Updates to existing apps required to target API level 26 or higher.
- 2019 onwards: Each year the targetSdkVersion requirement will advance. Within one year following each Android dessert release, new apps and app updates will need to target the corresponding API level or higher.
Doze is an initiative by Google to limit background services and data from using up battery: while the phone is in standby apps are given brief windows to do some syncs and outstanding work. During standby if an app hasn’t been used in some time the system restricts network and jobs.
Runtime permissions require an app to request a permission during the apps execution, so Snapchat would ask for camera permission when the camera screen is shown. For many users accepting permissions at install time has become second nature, many apps target below Android Marshmallow to avoid asking users for permissions at runtime, some legitimate but others like the infamous flashlight apps aren’t so legitimate.
How we can help
At Mawla we’re experts in Play Store compliance. We’ve been helping companies update their apps and make sure they’re not caught out in November. We’ve helped some great companies update their apps and standardise their codebase. Adding Runtime Permissions, preparing for Doze, handling Foreground Notifications and porting to Kotlin.