Did you know? Your SDKs can actually get you kicked out and banned from Google Play. Even the reliable ones. It’s not something we often think of, but it’s a thought we should always keep in mind…read on to find out how this may happen, what’s OK and what’s not, along with some things you can do to keep your app off the naughty list.
Getting banned from Google Play isn’t necessarily exclusive to bad guys. There’s no greater nightmare for app developers than losing Google Play’s trust and being banned. Still, the internet is loaded with stories and cautionary tales of app developers that have found themselves out of the game, left to wonder what went wrong.
Google play is updating its policy every now and then and adds more requirements / restrictions. Sure, I could just ask you to memorize the entire policy by heart, but sometimes the blame doesn’t lie with you, but with the SDKs you’ve integrated into your app. Here are some SDK-related violations that you should pay extra attention to:
Ads at the Wrong Time, In the Wrong Place
Google Play imposes some restrictions when it comes to user experience and ads. For example, There are some important rules when it comes to the how, when and where ads are displayed in your app. Users must be able to close them freely, quickly and at ease; They mustn’t be redirected to another site when they hit the desired X button; You’re not allowed to overlay messages or notifications over other apps either. Some monetization SDKs, however, are not exactly following these requirements.
Protect Your Users’ Secret Identity
Extracting ads-related user data is also a big no-no. You and Your SDKs should always use the Advertising ID for targeting ads to a user, but under no circumstances are you ever allowed to attempt and connect that ID to the specific device or user identity. John Doe should always be cloaked by his Advertising ID and linking between the two is strictly forbidden. In fact, you should only use the Advertising ID for presenting ads or conducting analytics, otherwise your app faces grave consequences to the extent of being banned.
Still, some SDKs do extract user data, for purposes other than allowed. It might just be an honest mistake, but it could also simply be means to support their business interests. Anyhow, if your SDKs are extracting user data, with no justification, this may put your app at risk.
Saying it with Texts & Emails: Informed Consent
If your app relies on SDKs to enhance its chances of going viral, it may be trying to reach more users by sending promotion messages to your existing users’ contacts. Just bear in mind that Google forbids triggering a text or e-mail from inside the app without showing the exact content to the user, so make sure your SDKs adhere to these rules and regulations when dealing with this kind of data.
Data privacy: The Importance of Being Aware
In many cases, you’re not allowed to obtain certain information about your users. There are a wide variety of restrictions that dictate what you can and cannot do. For instance, SDKs often collect location data whenever possible to better target ads and reach a larger market share. This can sometimes, even unintentionally, be in violation of Google Play regulations. For example, you cannot collect GPS location data from minors under the age of 13, a fact that the company BabyBus discovered all-too-late as they were promptly suspended from the Google Play store due to an analytics SDK that collected location data on their underage users.
Always make sure that both you and your SDKs do it legally and correctly. Make sure you know which data is collected by the SDKs you’ve integrated.
Steps you may want to take
There are a number of steps you can take to ensure that your app doesn’t succumb to the pitfalls of the Play store privacy rules and regulations, especially when you are integrated with external SDKs:
- Read the Google Play developers policy. A little dull perhaps, but vital nonetheless.
- Then Read it again.
- Choose SDKs with good reviews and high score in the SafeDK Marketplace. Make sure to explore the permissions required by each SDK and see they are compatible with any regulation you might need to comply with.
- Implement the SafeDK In-App Protection solution, to get real time alerts on suspicious SDK behavior and to be able to remotely deactivate an SDK that you’ve found to be naughty.
- Just a thought: You may want to prioritize SDKs that are trusted by top app players, as they may be more cautious. You can use our App X-Ray to reveal which SDKs are used by every free Android app out there.
As you can see, Google are a little stricter than you might have originally thought, as well as they should be. Be sure to play nice, or risk being told goodbye and banned from Google Play.
Remember, it’s not enough to be a law-abiding citizen when throwing a kick-ass party. You’re also responsible for your guests. Make sure the SDKs you use aren’t spiking the punch…