The latest Android and Google Play news for app and game developers.
Posted by Edward Cunningham, Android Security & Privacy Team
In a previous blog we described how API behavior changes advance the security and privacy protections of Android, and include user experience improvements that prevent apps from accidentally overusing resources like battery and memory.
Since November 2018, all app updates on Google Play have been required to target API level 26 (Android 8.0) or higher. Thanks to the efforts of thousands of app developers, Android users now enjoy more apps using modern APIs than ever before, bringing significant security and privacy benefits. For example, during 2018 over 150,000 apps added support for runtime permissions, giving users granular control over the data they share.
Today we're providing more information about the Google Play requirements for 2019, and announcing some changes that affect apps distributed via other stores.
Google Play requirements for 2019
In order to provide users with the best Android experience possible, the Google Play Console will continue to require that apps target a recent API level:
Existing apps that are not receiving updates are unaffected and can continue to be downloaded from the Play Store. Apps can still use any minSdkVersion, so there is no change to your ability to build apps for older Android versions.
minSdkVersion
For a list of changes introduced in Android 9 Pie, check out our page on behavior changes for apps targeting API level 28+.
Apps distributed via other stores
Targeting a recent API level is valuable regardless of how an app is distributed. In China, major app stores from Huawei, OPPO, Vivo, Xiaomi, Baidu, Alibaba, and Tencent will be requiring that apps target API level 26 (Android 8.0) or higher in 2019. We expect many others to introduce similar requirements – an important step to improve the security of the app ecosystem.
Over 95% of spyware we detect outside of the Play Store intentionally targets API level 22 or lower, avoiding runtime permissions even when installed on recent Android versions. To protect users from malware, and support this ecosystem initiative, Google Play Protect will warn users when they attempt to install APKs from any source that do not target a recent API level:
These Play Protect warnings will show only if the app's targetSdkVersion is lower than the device API level. For example, a user with a device running Android 6.0 (Marshmallow) will be warned when installing any new APK that targets API level 22 or lower. Users with devices running Android 8.0 (Oreo) or higher will be warned when installing any new APK that targets API level 25 or lower.
targetSdkVersion
Prior to August, Play Protect will start showing these warnings on devices with Developer options enabled to give advance notice to developers of apps outside of the Play Store. To ensure compatibility across all Android versions, developers should make sure that new versions of any apps target API level 26+.
Existing apps that have been released (via any distribution channel) and are not receiving updates will be unaffected – users will not be warned when installing them.
Getting started
For advice on how to change your app’s target API level, take a look at the migration guide and this talk from I/O 2018: Migrate your existing app to target Android Oreo and above.
We're extremely grateful to the Android developers worldwide who have already updated their apps to deliver security improvements for their users. We look forward to making great progress together in 2019.
Posted by Andrew Ahn, Product Manager, Google Play
Google Play is committed to providing a secure and safe platform for billions of Android users on their journey discovering and experiencing the apps they love and enjoy. To deliver against this commitment, we worked last year to improve our abuse detection technologies and systems, and significantly increased our team of product managers, engineers, policy experts, and operations leaders to fight against bad actors.
In 2018, we introduced a series of new policies to protect users from new abuse trends, detected and removed malicious developers faster, and stopped more malicious apps from entering the Google Play Store than ever before. The number of rejected app submissions increased by more than 55 percent, and we increased app suspensions by more than 66 percent. These increases can be attributed to our continued efforts to tighten policies to reduce the number of harmful apps on the Play Store, as well as our investments in automated protections and human review processes that play critical roles in identifying and enforcing on bad apps.
In addition to identifying and stopping bad apps from entering the Play Store, our Google Play Protect system now scans over 50 billion apps on users' devices each day to make sure apps installed on the device aren't behaving in harmful ways. With such protection, apps from Google Play are eight times less likely to harm a user's device than Android apps from other sources.
Here are some areas we've been focusing on in the last year and that will continue to be a priority for us in 2019:
Protecting users' data and privacy is a critical factor in building user trust. We've long required developers to limit their device permission requests to what's necessary to provide the features of an app. Also, to help users understand how their data is being used, we've required developers to provide prominent disclosures about the collection and use of sensitive user data. Last year, we rejected or removed tens of thousands of apps that weren't in compliance with Play's policies related to user data and privacy.
In October 2018, we announced a new policy restricting the use of the SMS and Call Log permissions to a limited number of cases, such as where an app has been selected as the user's default app for making calls or sending text messages. We've recently started to remove apps from Google Play that violate this policy. We plan to introduce additional policies for device permissions and user data throughout 2019.
We find that over 80% of severe policy violations are conducted by repeat offenders and abusive developer networks. When malicious developers are banned, they often create new accounts or buy developer accounts on the black market in order to come back to Google Play. We've further enhanced our clustering and account matching technologies, and by combining these technologies with the expertise of our human reviewers, we've made it more difficult for spammy developer networks to gain installs by blocking their apps from being published in the first place.
As mentioned in last year's blog post, we fought against hundreds of thousands of impersonators, apps with inappropriate content, and Potentially Harmful Applications (PHAs). In a continued fight against these types of apps, not only do we apply advanced machine learning models to spot suspicious apps, we also conduct static and dynamic analyses, intelligently use user engagement and feedback data, and leverage skilled human reviews, which have helped in finding more bad apps with higher accuracy and efficiency.
Despite our enhanced and added layers of defense against bad apps, we know bad actors will continue to try to evade our systems by changing their tactics and cloaking bad behaviors. We will continue to enhance our capabilities to counter such adversarial behavior, and work relentlessly to provide our users with a secure and safe app store.
How useful did you find this blog post?
★ ★ ★ ★ ★
Posted by Dave Smith, Developer Advocate for IoT
Over the past year, Google has worked closely with partners to create consumer products powered by Android Things with the Google Assistant built-in. Given the successes we have seen with our partners in smart speakers and smart displays, we are refocusing Android Things as a platform for OEM partners to build devices in those categories moving forward. Therefore, support for production System on Modules (SoMs) based on NXP, Qualcomm, and MediaTek hardware will not be made available through the public developer platform at this time.
Android Things continues to be a platform for experimenting with and building smart, connected devices using the Android Things SDK on top of popular hardware like the NXP i.MX7D and Raspberry Pi 3B. System images for these boards will remain available through the Android Things console where developers can create new builds and push app updates for up to 100 devices for non-commercial use.
We remain dedicated to providing a managed platform for IoT devices, including turnkey hardware solutions. For developers looking to commercialize IoT products in 2019, check out Cloud IoT Core for secure device connectivity at scale and the upcoming Cloud IoT Edge runtime for a suite of managed edge computing services. For on-device machine learning applications, stay tuned for more details about our Edge TPU development boards.
Posted by Chris Banes, Chief Elf of Android Engineering
Today, we pushed the source code for Google's Santa Tracker 2018 Android app at google/santa-tracker-android, including its 17 mini-games, Santa tracking feature, Wear app and more!
Visually the app looks much the same this year, but underneath the hood the app has gone on a massive size reduction exercise to make the download from Google Play as small as possible. When a user downloads the app the initial download is now just 9.2MB, compared to last year's app which was 60MB. That's a 85% reduction! 🗜️
We achieved that reduction by migrating the app over to using an Android App Bundle. The main benefit is that Google Play can now serve dynamically optimized APKs to users' devices. Moreover, we were also able to separate out all of the games into their own dynamic feature modules, downloaded on demand. This is why you might have seen a progress bar when you first opened a game, we are actually downloading the game from Google Play before starting the game:
The progress bar shown while a game is fetched from Google Play
You can read more about our journey migrating over to App Bundle in a small blog series, starting with our 'Moving to Android App Bundle' post.
One of the new features we added this year was a Gboard sticker pack, allowing users to share stickers to their friends. You might even notice some of the characters from the games in the stickers!
'Santa Dunk' is one of the 20 available stickers
We use Firebase App Indexing to publish our stickers to the local index on the device, where the Gboard keyboard app picks them up, allowing the user to share them in apps. You can see the source code here.
The sticker pack being used in a very important conversation
Aside from the things mentioned above, we've also completed a number of code health improvements. We have increased the minimum SDK version to Lollipop (21), migrated from the Support Library to AndroidX, reduced the file size of our game assets by switching to modern formats, and lots of other small improvements! Phew 😅.
If you're interested go checkout the code and let us know what you think. If you have any questions or issues, please let us know via the issue tracker.
Posted by Kacey Fahey, Developer Marketing, Google Play
We're excited to be part of the Game Developers Conference (GDC) 2019 in San Francisco. Join us on Monday, March 18th at the Google Mobile Developer Day, either in person or over live stream, for a full day of sessions covering tools and best practices to help build a successful mobile games business on Google Play. We'll focus on game quality, effective monetization and growth strategies, and how to create, connect, and scale with Google.
This year's sessions are focused on tips and tools to help your mobile game business succeed. Come hear our latest announcements and industry trends, as well as learnings from industry peers. We will hold a more technical session in the second half of the day, where we'll share ways to optimize your mobile game's performance for the best possible player experience.
Also, make sure to visit the Google booth from Wednesday March 20th until Friday March 22nd. Here, you will be able to interact with hands-on demos, attend talks in the theater, and get your questions answered by Google experts. We're bringing a big team and hope to see you there.
Learn more about Google's activities throughout the week of GDC and sign up to stay informed. For those who can't make it in person, join the live stream starting at 10am PST on Monday, March 18th. These events are part of the official Game Developers Conference and require a pass to attend.
Posted by Chris Yang, Program Manager, Translation Service
It is not uncommon for developers to have the following concerns and thoughts when considering whether to localize their apps: "I just don't have the time!" "Translation is too expensive." "High-quality translation is just hard to find.'' Does this sound familiar?
At Google, we consider translation a key component of making the world's information universally accessible and useful. This commitment extends not only to localizing our own products, but also to providing tools to help developers and translators more easily localize their apps.
Introducing the Google Play App Translation Service
Available in the Google Play Console, the Google Play App Translation Service simplifies localization of your app user interface strings, store listing, in-app product names, and universal apps campaign ads. Thousands of developers have already used this service to reach hundreds of millions of users worldwide.
Here is an overview of some of the ways it can help:
1. Quick and easy - Order in minutes and receive your translation in as little as two days.
2. Professional and human - Get high-quality translations by real human translators.
3. Value for money - Translate your app for as little as $0.07 per word.
Ordering a Translation
Find the Translation Service in the Google Play Console:
When you're ready to translate, just select the languages to use for translation, choose a vendor, and place your order.
Select languages to translate into.
Choose what type of content you want to translate.
Easily complete purchase of the service.
Language recommendations
You can also expand your global footprint with translation recommendations that can help increase installs. The recommendations can be found in the Google Play Console.
The language recommendation feature is developed using machine learning and is based on your app's install history and market data.
Did you know that you can reach almost 80% of internet users worldwide with only 10 languages. In particular, the Google Play opportunity in Russia and the Middle East continues to grow. Let us know once you have localized for these markets so we can consider featuring your app or game in the Now in Russian and Now in Arabic collections on the Play Store.
Launching the translation
Once you download the translation, you'll be ready to publish your newly translated app update on Google Play.
Get started with the App Translation Service today and let us know what you think!