A few hours ago, the company announced its “not shocking” intention to shut down Google+ social network as a result of a “shocking” data breach.
Now, in order to prevent the abuse and potential leakage of confidential data to third-party application developers, Google has made several important changes to help users better control the type of data they prefer to use for each application.
The changes are part of the Google Strobe project from Google, a “root and industry” third-party analysis of access to Google account data and an Android device and its idea of accessing application data.
Limited access to call logs and message permissions for applications
Google announced new changes in how permissions are allowed for Android apps to prevent potential abuse and leakage of confidential call logs and text log data by third-party developers.
Although applications require only authorization if they are necessary for proper operation, any Android application can request permission to access your phones and SMS data unnecessarily.
To prevent users from monitoring and commercial spyware, Google has finally incorporated a new rule into its Google Play developer policy, which now restricts the use of call and SMS log permissions for your phone. or your default SMS apps.
“Only those applications that you have chosen as the default application for making calls or sending SMS, can make these requests. (There are exceptions, such as voice mail and backup applications.), A said Google.
The Gmail API is limited to a limited number of applications
Because APIs allow developers to access your sensitive data from your Gmail email account, Google finally decided to limit access to the Gmail API to applications that directly improve messaging features, such as messaging, email backup services, and promotion services. performance.
New privacy interface for third-party applications
When a third-party application requests that users access their Google account data, click “Allow” to simultaneously allow all requested permissions, giving malicious applications the opportunity to encourage users to grant powerful permissions.
But now Google has updated its account authorization system, which requests each requested authorization separately, rather than all at the same time, giving users more control over the type of account data that they have chosen to exchange every application.
Since the changes took effect today, the developers received 90 days (January 6) to update their applications and services. After that, the updated developer policy will be automatically applied.
In addition to these changes, Google is announcing new gadgets and Pixel devices at its third annual Made by Google event in New York in the coming hours at 11 am