Google Play Tweaks Package Visibility: Most Apps May Not Scan Installed Apps

Google Play

Android is a very capable and powerful operating system. Unlike its iOS nemesis, Android is much more flexible, and friendlier to most developers.

But that creates issues, especially in terms of user privacy. Android Apps tend to have more access to a device when they are installed, if compared to iOS that requires them to be sandboxed.

But Google is trying to improve the operating system, in each new versions.

And starting Android 11, the Query_All_Packages permission will be flagged as "sensitive" on the Play Store.

What this means, Google's reviewing process will restrict the permission only to those apps Google feels really need it.

Query_All_Packages essentially grants an app to read users' entire app list. This can contain all sorts of sensitive information, including dating preferences, banking information, password management, political affiliation and much more.

This is why it makes good sense for Google to simply lock this permission down.

On a support page, Google announced that:

"The inventory of installed apps queried from a device are regarded as personal and sensitive user data subject to the Personal and Sensitive Information policy."

On Android, apps that are meant to purpose the launch, search, or interoperate with other apps on the device, may obtain scope-appropriate visibility to other installed apps on the device through what Google calls the Package Visibility.

For example, the Broad App Visibility is allowing apps to have extensive (or “broad”) visibility of the installed apps (“packages”) on a device. This can be done through the QUERY_ALL_PACKAGES.

With the update, apps may not use permission if they can operate with a more targeted scoped package visibility declaration.

Using alternative methods to approximate the broad visibility level associated with this permission is also restricted to user-facing core app functionality and interoperability with any apps discovered via this method.

The second way, is by using the Limited App Visibility, which is when apps minimize their access to data by querying for specific apps using more targeted (instead of “broad”) methods.

Developers may use this method to query for apps in cases where their app has policy compliant interoperability, or management of these apps.

Android - query_all_packages

In another blog post, Google said that the QUERY_ALL_PACKAGES permission only takes effect when apps target Android API level 30 or later on devices running Android 11 or later.

"To use this permission, your app must fall within permitted uses below, and have a core purpose to search for all apps on the device. You must be able to sufficiently justify why a less intrusive method of app visibility will not sufficiently enable your app's policy compliant user facing core functionality. Core functionality is defined as the main purpose of the app. Without this core ability to search for all apps on the device, the app is 'broken' or rendered unusable. The core functionality, as well as any core features that comprise this core functionality, must all be prominently documented and promoted in the app's description."

On the post, Google listed some allowable use cases of Play Store apps querying for users' app list.

The apps include "device search, antivirus apps, file managers, and browsers," with Google adding that "apps that must discover any and all installed apps on the device, for awareness or interoperability purposes may have eligibility for the permission."

There's also an exception for financial apps like banking apps and P2P wallets, which Google said that "may obtain broad visibility into installed apps solely for security-based purposes."

Google's update policy also stated that "[a]pp inventory data queried from Play-distributed apps may never be sold nor shared for analytics or ads monetization purposes."

Besides this app package list restriction, Google Play Store also flags several other APIs as "sensitive," subjecting them to a closer review and requiring developers to justify their use. Apps using the powerful accessibility APIs, background location APIs, SMS and phone apps, and full file access APIs are all subject to Google's individual approval.