Google is the most trustworthy name in the tech industry, considering the fact that a majority of tech tools used today come from this provider. With fame and popularity come huge responsibilities as well and this is one brand that takes them very seriously. The most important responsibility that it is obligated to fulfill is that of data security across the apps, considering the fact that millions of users share their personal information with them. While this will make business apps more credible from the security point of view, there will be some changes lined up for Android app development in the future.
As one of its latest initiatives in this direction, Google will revamp Gmail for Android to enhance its security manifold. The changes will mostly be associated with app permissions from the Android users; even though the may impact the permission process, the apps will excel on the security front because of these changes. The changes will impact businesses as well as they will have to gear up to adopt the new Google guidelines related to app security. Besides ensuring that new apps are developed keeping these guidelines in mind, the existing ones will require some security-related tweaks too. Let us see what is to be expected as Google presents Gmail for Android with changes that drive security enhancements.
Flexibility in permission to access
The key change in this initiative is related to the permission to access the user account data. Earlier, Google sought the user’s permission to access the account data such as Gmail, Drive, or Calendar at the same time. But this permission will now be taken separately for the data, which means that the user has the flexibility to allow or deny access to specific account data. This enables them to share the data with third-party apps selectively.
Option to delay permissions
Besides enabling separate permissions for data, users can also delay permissions with the new changes by Google. For instance, an app asks for user permission to access the camera if it wants to access the phone gallery. The user may or may not be willing to grant it right away, as he may not be sure that he will retain it on the device in the long run. Google will now provide options such as “deny this time” or “allow this time” instead of “deny” or “allow” to give more control to the users.
Data limitation for the apps
Another crucial change that Google will make will be in the context of data limitation, with control over the data that apps will be able to access from the Gmail and messaging. With this initiative, Google wants to restrict the sensitive data from the Gmail account as well as ensure that apps are not able to access it from the call logs and messaging history unless the user wants them to do so.
Restrictions on app developers
Not only do the changes strengthen device-specific security, but places several restrictions on Android app developers as well. They will not be allowed to sell or share any user data for marketing and email campaign tracking purposes. The change will probably have a far-reaching impact on certain business models, specifically the ones that sell user data to third parties. Furthermore, there will be additional scrutiny on the permissions that developers seek from the users to ensure that whether they are actually needed or are just frivolous.
Reporting requirements for apps using Gmail data
Apps that require Gmail data for handling the users will have to provide a detailed report for the same. These reports will need to include details related to application penetration testing, account deletion verification, information security policies, vulnerability disclosure programs, and more. These restrictions are likely to bring considerable changes in Android app development process too.
The thought behind these changes is attributed to a bug that was detected inside Google+ and was responsible for revealing non-public profile data to the apps which were meant to get access only to public profile data. This led to Google coming up with these changes as a part of Project Strobe to increase the security of Google account users. The new changes are likely to go into effect by early next year, with app reviews to be taken for identifying the ones that will not meet the security standards in the coming time. In fact, developers who are tardy in this context will probably see their apps stop working by the first quarter if they fail to comply with the requirements.
For businesses, it is best to have their existing apps reviewed well in time. Additionally, those planning to invest in mobile app development for the first time need to ensure that the new apps adhere well with the compliance guidelines. It is best to join hands with an application development partner who has the right skill and expertise for creating secure apps as well as making the requisite changes in the existing ones. Mobibiz is a reputed Android app development company that holds credibility in this domain. Discuss your requirements with us and we will have a solution to improve your existing app or build a new one with the relevant security features.