• 5,736,767
    REGISTERED
  • 54,361
    ONLINE NOW

Posts Tagged: Google Play

Google Play Store Permissions Fix

Just a few days ago, we talked about how recent changes to the Google Play Store permissions system potentially open the door to a world of new rogue applications. For those in need of a quick refresher, this all boils down to Android’s entire permission system being collapsed into 13 categories. Users running the latest versions of the Play Store are by default only shown the applicable categories, rather than individual permissions themselves. And to make matters worse, permissions changes are not even presented to the user when updating apps if they fall into existing permission categories.

Needless to say, the latest changes to the Google Play Store are pretty unfavorable from a security standpoint. And although the shift to permissions categorization may be good for novice users who have difficulty understanding more granular permissions, it helps no one when permission changes within any given category are not shown.

Luckily for security-conscious users, there is now a solution for the security issues introduced into the latest versions of the Google Play Store, and it comes in the form of an Xposed Module from XDA Forum Moderator GermainZ. With this module, the Play Store will now default to show you every single permissions that is requested. And more importantly, you will now have to manually allow application updates that ask for new permissions, regardless of parent category.

It’s unfortunate that in trying to make the Play Store more user friendly that Google has chosen to severely curtail user privacy and security. Luckily, however, the aftermarket development community has pulled through yet again to bring back what Google has taken away. You can get started by heading over to the module thread.

[Many thanks to Forum Moderator Whiskey103 for the tip!]

Screenshot_2014-06-10-05-17-48

XDA is normally about the latest and greatest. Whether we’re talking about the latest firmware revision or device, most people in the Android tech community favor being on the bleeding edge. Sometimes, however, the latest isn’t necessarily the greatest or the best way forward. As we recently covered here on the XDA Portal, Google released a new version of the Play Store, which among other things, allows the use of PayPal to purchase apps and simplifies the permissions interface shown to users.

Under this happy facade, however, is a somewhat more sinister change. The permissions system in Android, which has protected users since Android hit consumer devices in 2008, was significantly (and fairly quietly) watered down by Google in this Play Store update. Previously, when an application update requested additional permissions, users would be notified and have to accept the change before updating. This continued when automatic updates were introduced, as applications with permission changes would require a manual update and approval of the new permissions.

This system worked fairly well. If an app changed its permission needs, you’d be notified, and could choose whether to accept the update. With the most recent Play Store update, however, users are not told about certain permission changes if they don’t result in the addition of permissions to a new group. Given the sheer breadth of permissions a group now covers, this effectively leaves Android with only 13 permissions. An application can quietly update itself in future, to grant itself access to further permissions within a group, with the user left none the wiser.

Once an app is granted an individual permission within a group, that application has the ability to add any other permissions from the group in a future update, without users being notified of the change. To quote Google:

You won’t need to manually approve individual permissions updates that belong to a permissions group you’ve already accepted.

For example, contacts and calendar permissions are now grouped into one. An app with the ability to read your contacts could, without you receiving clear and prominent notices, add calendar permissions to the group. This would allow the application full access to snoop through your calendar, and even send Emails to calendar appointment guests, without your consent.

Likewise, the “Phone” permissions group allows access to directly call phone numbers, which is useful in a variety of different contexts. However, it also contains permissions to read and write call logs, reroute your outgoing calls to different destinations, and make calls without your intervention.

Google also made the decision that users shouldn’t necessarily be aware if applications have access to the Internet, so this permission is now hidden under “other,” meaning that by default, users won’t see it. Their rationale is that most apps use Internet access, and therefore users don’t need to know. Funnily enough, one of the best ways to actually protect your privacy is to prevent apps from communicating with the Internet. After all, if an app cannot send home the data it gathers about you, you are quite well protected. Obviously there’s more than one way to skin a cat, but if users want to be safe, they need to have information about whether or not an application uses the Internet. Thus, Internet access to apps should not be a given, in this day and age of privacy concerns. This shows that Google is out of touch with user privacy, once again.

So what can we do about this? For now, the best thing to do is ensure you disable automatic updates for apps, and carefully and diligently review the permissions requested by expanding all of the categories. You could also consider using an app that lists the individual permissions used by each application.

Redditor iamtubeman posted a thread where he talks about this further, and demonstrates just how an application with a tiny number of permissions could be used as a gateway into your device with an updated version with much more intrusive permissions. For example, he created an application using:

android.permission.GET_TOP_ACTIVITY_INFO 
android.permission.GET_ACCOUNTS 
android.permission.ACCESS_COARSE_LOCATION 
android.permission.WRITE_CALL_LOG 
android.permission.READ_EXTERNAL_STORAGE 
android.permission.SUBSCRIBED_FEEDS_WRITE

This was able to be updated to allow the following additional permissions, none of which the user would be explicitly warned about.

android.permission.READ_HISTORY_BOOKMARKS 
android.permission.READ_PHONE_STATE 
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS 
android.permission.READ_SMS
android.permission.RECEIVE_MMS 
android.permission.RECEIVE_SMS 
android.permission.SEND_SMS 
android.permission.WRITE_SMS 
android.permission.WRITE_EXTERNAL_STORAGE 
android.permission.MOUNT_FORMAT_FILESYSTEMS 
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 
android.permission.SUBSCRIBED_FEEDS_READ 

And there you have it. Your app with fairly standard permissions could now (after a small update that says nothing about the permissions)  monitor and store your browsing habits, indexed by your IMEI number. Meanwhile, you would be getting tracked by GPS in real time, with your location data being constantly uploaded. The SMS messages you send and receive would also be getting scanned and monitored, and their contents indexed, along with all your documents and files on your SD card, including your photos (to try and find photos of yourself). Then once those compromising holiday snaps have been located and your intimate browsing history has been extracted, your device could be wiped. You could then be contacted by SMS, demanding money, otherwise your browsing history would be sent to your boss, along with your compromising holiday snaps.

This is not some sci-fi film plot, or storyline from Watch Dogs; this is something that could be done today, on your phone, without you even knowing about it. I believe there is a need for Google to take action quickly to not only reverse this change, but head in the other direction and make users much more aware of what is happening on their phones.

How can we fix this?

It’s easy for writers to criticize and complain, but few offer their own solutions. So here goes, with how I would solve this problem. First, Google is going in the wrong direction with regards to privacy. Apple, the epitome of simplicity and having decisions made for you, introduced a number of good privacy features in iOS 8. Being a closed source operating system, however, these changes are of no use to the tweaking community. However, it does show that the market is heading towards enhanced privacy. To that end, iOS 8 will use random MAC addresses when scanning for WiFi networks, in order to help prevent tracking of individuals around shopping malls and other public locations that try to identify users based on their phone WiFi signals.

Having ascertained that the market needs to move towards greater user control (with iOS 8 again adding a specific warning when a keyboard application tries to access the Internet in order to prevent keyloggers), I think it’s time to define some better categories, with clearer warnings of the risks they pose to when their constituent permissions granted. In an ideal world, you would be able to grant these permissions in real time, and be able to deny access to permissions:

  • Your Identity - These permissions allow apps to identify you or your device uniquely, and could be used to track you. You should avoid giving these permissions to apps you do not trust entirely, as they can identify you uniquely, either by name and email address, or by your device’s serial numbers.
  • Your Data - These permissions allow applications to access data you hold on the phone. This may include your photographs, videos or documents you have stored on your device. You should only grant these permissions to apps you trust
  • Your Communications - These permissions allow applications to see who you communicate with, and the contents of messages, as well as to make communications of its own. You should only grant these permissions to apps you trust to not steal or sell your private information
  • Your Surroundings - These permissions grant applications to record audio and video from your device camera and microphone. You should be cautious of applications which use these permissions, as they can listen to you without your knowledge, or take photographs/videos of you or your surroundings without your knowledge
  • Your Location – These permissions allow applications to access your geographical location with various degrees of precision. You should not grant this permission unless you trust that the app cannot share this information with other people. Accurate location data can identify where your house or workplace is, or indeed where in a particular street you are located, and should be treated with extreme caution.
  • The Internet – Applications using this permission have access to the internet. You should not grant this permission unless an application isn’t gathering other personal information from your device via permissions, as it could share the data it gathered with other people or services.

And there you have it—much more transparent categories that inform users of the true risks to their privacy by allowing such permissions. I would place a lot of money on app developers hating this. And if they did, I’d feel as if I did my job right. This would mean that users were taking back control of their devices and their data. Nobody in their right mind would install a torch application if it required access to “identify you or your device uniquely,” with some properly written warnings that make users aware of just what is possible with the data on offer.

I’d suggest you take a look at iamtubeman’s reddit thread, as it shows just how much he was able to do in his own testing thanks to this change, which he believes to be “very very stupid.” It also affects all Android users who install applications through Google Play. From having looked at it myself, I must concur, and pose the following question: What on Earth was Google thinking this was implemented? Perhaps now is time to say “Sayonara” to Google Apps, and take a look at alternatives that better preserve your privacy and give you control over your own data.

[Source: Google Play - Review App PermissionsReddit thread by iamtubeman]

Advertisment
Capture

Google is in a seemingly never-ending battle against Android platform fragmentation. They’ve approached this problem in many ways, such as KitKat’s focus on lower end devices and the decentralized update process for key developer APIs through Google Play Services.

Now, Google has begun rolling out an update for its Play Services to version 4.1. This comes just a little over two months after the release of Play Services 4.0. Today’s update brings a few new features that may be of importance if you’re an app or game developer.

The biggest addition is that Play Games now supports turn-based multiplayer. This allows game devs to use Play Services for asynchronous multiplayer support for up to 8 players. This allows players to take turns, with each round’s data uploaded to Play Services and shared with the other players automatically.

There’s also a developer preview of the new Google Drive API, which allows app developers to more easily read and write to files on Google Drive. There is also offline support, whereby the changes are synced with Google Drive when Internet connectivity is reestablished.

The update also brings improved support for mobile ads with DoubleClick for Publishers, DoubleClick Ad Exchange, and Search Ads for Mobile Apps. Furthermore, you can now provide Google with your users’ locations to deliver location-based ads for improved monetization. Finally, the update makes for a better Google+ sharing experience, as it allows for a better auto-complete with suggested recipients from Gmail contacts, on-device contacts, and Google+ contacts.

Are you an app developer currently using Google Play Services? Has this decentralization helped your fragmentation struggles? Are you excited about these new changes? Let us know in the comments below!

[Source: Android Developers Blog]

Capture

You may remember that about a week ago, Google issued a major update to its Google Play Books app. In addition to bettering the note taking UI and increasing app performance, the 3.1.17 update also brought one long overdue and highly requested feature: PDF and EPUB uploads.

Now, a new update to the Google Play Books app is rolling out, and unfortunately, it removes PDF to cloud uploads (for the time being). Curiously, though, EPUB uploads are still possible directly from your device. When the folks over at AndroidPolice did a teardown, they found that the following line of code was removed in the transition from 3.1.17 to 3.1.23:

<data android:host=”*” android:mimeType=”*/*” android:pathPattern=”.*\.pdf” android:scheme=”file”/>

Now for those keeping track, it’s important to remember that while the previous app allowed for PDF (and EPUB) uploads to the cloud, it never allowed for local PDFs and EPUBs to be viewed directly. As such, users can still view PDFs indirectly, as long as they upload the PDFs from the web interface rather than from the app.

Luckily, the PDF upload feature is slated to return in the future. It was only removed because it was an experimental feature. But given how well it worked, we’re more than a little sad to see it go (for now). Those looking to update should head over to the Google Play Store listing.

[Source: AndroidPolice]

Screenshot_2013-12-06-14-56-53_1_

Not too long ago, the Google Play Store was given a major update to version 4.4.21. This previous update gave a rather significant UI overhaul to the Play Store, bringing the new slide-out navigation drawer as well as a few other tweaks. We also recently saw Google place tablet apps front and center in the Play Store. Now, Google is rolling out Play Store version 4.5.10, which brings another round of new features and UI revisions, albeit more subtle than the last.

Perhaps the most noticeable change in 4.5.10 relates to user reviews. The new version offers more a prominent placement of stars, encouraging users to rate applications. It also prompts you to rate certain applications in order to receive better recommendations.

In-App Purchases have also been tweaked. The new version highlights when applications have in-app purchases. In other words, you’ll no longer download a “free” game, only to discover later that to complete the mission and rescue the princess, you’ll need to fork over some real cash. Unfortunately, the update doesn’t provide any insight into the quantity or price of in-app purchases. That said, at least this is a step in the right direction, as it should help you know what you’re getting yourself into when trying a freemium app.

Finally, the new Play Store brings an activity feed. This lets you share your Google Play activity such as ratings and +1s in your your Google+ feed. You can also browse other reviewers’ profiles.

The update is gradually rolling out, but it may take some time to make its way over to your personal device. Thankfully, XDA Senior Member Abhiheart has mirrored the APK for your download pleasure. You can find the APK, as well as additional screenshots in the original thread.

Have you updated to Play Store 4.5.10 already? If so, what’s your favorite new feature? Are you most excited about the IAP notifications, or are the better reviews and G+ integration more important to you? Let us know what you think in the comments section below!

 

Screenshot_2013-12-05-15-45-14

Today, Google released a rather significant update to its Google Play Music app for Android. The update brings a few usability improvements such as the ability to shuffle all songs by an artist in Play Music All Access and an easier method of sharing links to your favorite songs, artists, and albums. While important, these new features pale in comparison to the other new feature that this update brings: SD Card support for offline music storage.

Ever since the arrival of the Nexus S, Google has shown its distaste for external SD cards. While having an external storage expansion slot gives users a bit more flexibility when it comes to managing storage limitations, these card slots also add complexity to casual users who aren’t well versed with file management. The removal of Apps2SD support in recent versions of Android also reinforces Google’s apparent view on such functionality. This makes it incredibly curious that today’s update to 5.3.136M brings external SD card support for offline music storage.

Google Play Store Listing Change Log:

v5.3.1316M
* SD card support for offline music on KitKat (Experimental support on some older devices)
* Added ability to shuffle all songs from an artist in All Access
* Made it easy to share links of songs, artists and albums to your favorite social networks

Make your way over to the Google Play Store listing to get the latest update. But since this is a staged rollout, the update may not be officially available to your device. Luckily, those looking to get in on the update a little early can do so thanks to XDA Senior Member androiduser44 who posted the APK for anyone to download. And for those looking for a themed version with a transparent widget, XDA Senior Member ecs1984 has you covered with his modified offering.

unnamed

Despite its flaws, the $35  is a great little device for the price. While it has loads of untapped potential for those of you lucky enough to have root access, many of us are quick to forget about the device’s default functionality.

Google is now perhaps hoping to remind us of the device’s functionality by highlighting Chromecast-enabled applications in the mobile Google Play Store app. Strangely, this option isn’t very visible. To view it on your device, head over to the Apps section of the Play Store. Next to Games and Editor’s Choice, you will see a new Chromecast tab. However, most devices need to be tilted to landscape mode in order to see the option.

Currently, there isn’t too much in the way of officially supported applications. So far, these include HBO Go, Pandora, Hulu Plus, Netflix, YouTube, Google Play Movies & TV, and Google Play Music. That said, the Google Cast SDK is launching soon, so we can expect the list to grow somewhat in the near future.

Were you one of the lucky few to achieve root before the almost unavoidable OTA? Are you happy with your Chromecast and its default functionality? Feel free to let us know in the comments below!

[Via Google Operating System Blog]

cropped-fdroidheader

cropped-fdroidheaderThe Play Store

As promised, the first in our series of “Say Sayonara to Google” articles is about the Play Store. Love it or loathe it, the Play Store is popular. It is so popular, in fact, that it is often berated for the poor quality of apps contained within. While Google is making strides to improve this via their Bouncer malware screening platform, at the end of the day, the Play Store is built on fairly shaky security grounds.

The first security issue with the Play Store is that of remote control. Imagine someone told you the following:

I am able to remotely install arbitrary software to your phone or tablet, which can make use of any permissions available to an app, without prompting you on your device. So I can get access to your GPS location, or access files on your SD card, or access your contacts, and upload all this through the internet

If that were said, I’d hope you would be rather concerned. It’s also true; anyone with access to your Play Store account (i.e. your Google Account) can remotely install software onto your phone from the web interface. And while the Android platform itself has some precautions recently put in place (e.g. since ICS, apps cannot trigger themselves to run until you (the user) have run them once), this is hardly foolproof. Simply install a rogue app with the same icon and title as an app the user already uses, and you have a 50% chance they will open it. Most users would not panic at seeing a second copy of the icon, with power users presuming it a launcher bug.

The attacker who has access to your Play Store web account also knows what apps you have installed (making identification of a suitable app to spoof trivial). While this remote install feature can also be handy if you lose your pre-ICS phone, the ability to remote install software onto your Android device should probably raise a few concerns in the security-conscious mind.

Introducing F-Droid

fshotnew2-180x300

F-Droid is a catalogue of alternative applications, all FOSS (Free, Open Source Software). By default, F-Droid doesn’t contain any applications with ads or attempt to make use of user tracking via analytics engines and the like. It also hides applications that encourage non-free add-ons, and even which promote or make use of non-free network services or require such other applications in order to function.

Applications you download from F-Droid are (for the most-part) compiled from sources by the F-Droid servers, directly from the source code repository provided by the project. While this does entail a level of trust (though again it is worth noting all the F-Droid server software is fully open source too!), it’s also easy to download the application directly from the developer, or to compile it yourself from source (a link is given to the source).

You can see what is available in the F-Droid catalogue using their web interface, and take a look at what’s available. While the variety of apps available is nowhere near that available on Google Play, the quality of Open Source equivalent apps is often well in excess of their commercial rivals. Some apps worth a look include K9 Mail Beta (which has been recently updated to Holo UI) and Agit (an Android git browser).

Either way, the choice of free, Open Source applications is not to be sniffed at, with F-Droid offering an ever-expanding variety to choose from, all delivered using the open source client and built on the Open Source server. If you are a developer who makes Open Source applications, perhaps consider adding your app to the F-Droid repository.

Google_Play_Store

With the recent announcement of the launch of TV shows and Magazines on Google Play, Google now offers a wide range of portable, cloud-based multimedia experience for its users including Apps, Games, Books, Music, Movies, TV shows, and Magazines. Unfortunately, access to everything beyond apps and games is limited to US-residents only. Since there does exist a world beyond the US (we have personally confirmed it, believe it or not), XDA Senior Member kishankpadiyar has shared with us a method to expand that access worldwide, as long as you have a rooted Android device and Google Play Store 3.7.11.

Update: It appears that XDA Member m.sabra originally wrote about this method a few months back when Google added Books and Movies to Play Store upon re-branding it from Android Market. You can visit this forum thread to join the original discussion.

While the method isn’t exactly short, it isn’t all that hard either. First of all, you will be required to install Market Enabler from the APK and DROIDvpn from Play Store. Then, launch DROIDvpn and register for an account. You now have everything you need to make it work. For the rest of the instructions and more details, head over to the forum thread.

Google Play Store

One of the most irritating things about the Google Play Store, is trying to install an application, only to be thrown back by things like country restrictions. Granted, some apps wouldn’t work in some countries anyway, but there’s quite a few out there that have nothing to do with your geological location, which would work perfectly fine if downloaded.

This is a problem that XDA Senior Member Deeco7 is looking to solve with a modified Google Play Store .APK which, among other things, removes country restrictions. This allows anyone, anywhere to download what they want—as long as their phone is compatible, that is.

The mod, which is posted in the Samsung Galaxy S II I9100 forums, has had mixed reviews so far. For many users, the modified Play Store works just fine but many others are experiencing minor bugs. XDA Senior Member xinfinityoO has released a 2nd modified Google Play Store apk for users to try out, which has also had mixed success. Deeco7 has been diligent in updating and attempting to fix such problems, and only time will tell if all the errors can be fixed. Currently, the .APK is based on the latest version (v3.5.16) and Deeco7 has fixed a few bugs already. The best way to avoid these bugs is to follow the installation instructions provided and to check out the thread to see how other users have troubleshooted the issues.

For additional information, screen shots and download links for both xinfinityoO’s version and Deeco7′s version, check out the original thread. Be sure to make a backup of your Vending.apk before attempting, so you can restore if needed.

Screenshot at 2012-03-27 16:05:52

A few days ago some users of certain Samsung Galaxy devices began to notice that within the pending updates in the Play Store (that name still feels wrong), was a strange app that they had not installed and the description of which was entirely in Russian. The application was entitled МТС Мобильная Почта, and has since been removed. What’s more, users were unable to actually find this app on their device to uninstall it. Understandably those affected were somewhat concerned about this, fearing that they had fallen victim to some kind of malware. Thankfully it wasn’t, and the MTC application itself is nothing more than an E Mail client for Russia’s Mobile Telecom Systems published by the developers OJSC.

Shortly after the issue was reported, it was discovered that uninstalling certain Samsung specific apps would prevent this MTC application from being listed under “My Apps” or the pending updates.

As identified by the nice folks at The Verge, it turns out that the E Mail application included in stock Samsung firmwares was given the “unique” application name com.seven.Z7—the same unique name as the MTC app. Apparently Seven, who used to develop E Mail services for WinMo but now offer their applications as white labels to third parties, made the mistake of giving the two applications the same name and certificate, thereby confusing the Play Store. Obviously the Samsung Mail client was not listed on Google Play, whereas the MTC app was. This caused many users to see this fictitious update for an app they did not have installed.

Anyone who was affected by this issue should already have seen it resolve itself thanks to action taken by Google, however if for any reason you are still seeing this app then the simplest solution seems to be simply clearing the Google Play’s cache and/or data. There is no longer any need to remove your Samsung specific applications, as the root of the issue is now resolved.

This does of course bring to light a possible hole in the security of the Play Store. Although this has happened before, it was not on such a large or widely reported scale. I would certainly imagine that Google will be looking to make some adjustments and make sure that this kind of error is no longer possible. Although reproducing it with malicious intent would not be easy, as the same unique app identifier and matching certificate would be required. And to be fair to Google, considering that the Samsung Mail client was not actually listed on the Play Store, technically there was no duplication of the unique ID that they could have been aware of. It still seems that there’s room for improvement here though, as Google’s rather lax policy of app screening has repeatedly come under close scrutiny. While they are not at fault here, that wouldn’t really matter if this were a malicious app rather than a simple mix up.

dontbeevil

It’s undeniable that Android is blessed with a huge selection of high quality applications. “Fart Machines” and “Love Calculators” aside, there is a multitude of incredibly well developed apps out there. Developing is not easy, and the people that do this spend a huge amount of time pouring their heart and soul into these applications and understandably they often wish to charge a fee for their hard work.

While some developers view their work as a hobby or secondary income, it is how many of them make their living. They depend on the income from their hard work to pay the bills and put food on the table. This is one of the main reasons that we have a strict zero tolerance policy towards warez here on XDA Developers. Unfortunately, over the course of the last week, a large number of European developers have been left somewhat in the lurch as far as this income is concerned. You may or may not have already heard about the recent “technical issue” which resulted in many developers not receiving the money they were entitled to from the sale of their apps. Just in case you missed it however, here’s a quick rundown of the situation.

On the 7th of March a developer posted in the Google Checkout forums stating stating that, “For some reason my Google Checkout March payment which has been showed as paid out on the 2nd March has not arrived in my bank account? It normally arrives in my bank account on the 7th of each month.” The developer then inquired as to whether this had affected others as well. As it happened, there were. Pretty soon afterwards, numerous developers from various countries including the UK, France, Spain, Portugal, The Netherlands, Germany, Sweden, Norway, Ireland, Austria and, just to mix things up a little, Brazil, were reporting the same issue. They were also unhappy at the non-existent level of support from Google. The first reported official contact came on the 13th oF March in the form of an Email from the Google Wallet team. “Hello xxxxxx, Thanks for reaching out to us. To ensure a faster resolution, I’ve forwarded your message to a team that’s better able to address your concerns. We’ll respond with additional information as soon as possible. In the meantime, feel free to contact us again if you have further questions. We appreciate your patience. If you have additional questions, please visit our Help Centre at http://www.google.com/support/wallet/.

Very helpful I’m sure you’ll agree. The discontent among developers continued to grow, with many openly considering removing their applications from Google Play in favour of 3rd party dispensaries such as the Amazon App store. This was followed by a post in the original comment thread from an official Google representative stating that “We’re aware of reports from some European developers that they have yet to receive their March 2012 payout for February sales. We’re actively investigating this and are working to resolve it as soon as possible. We apologize for this inconvenience. At this time, no action is needed on your part.” Bear in mind that this is six days after the issue was initially raised. On the 15th of March the issue was acknowledged on the developer console and coupled with a broken “Learn More” link. And finally, a day later, the news that everyone had been waiting for, “We have worked to resolve this, and payouts were initiated on 15 March 2012. However, your bank may take up to three additional business days to register the payout in your account. We apologize for any inconvenience you may have experienced and appreciate your understanding.” Not long after reports began appearing that the money developers were waiting for had been credited to their accounts. Better late than never, I guess.

Now, if you’ll allow me to play Devil’s advocate for a moment, it was pointed out that the Checkout FAQ does state, “In the event of a technical issue, your payment may be delayed and is expected to be initiated on the 15th of the month.” This line however appears to be specific only to certain countries, and was not relevant to all of those suffering the delay in payment. Call me overly suspicious, but that seems a lot like a pre-emptive addition to the fine print when these “technical issues” became a distinct possibility. There was also a post on the Google Forums which claimed the Checkout Merchant Centre Team were going through a “major transition” and that a new three person team were preparing to “take ownership of the codebase” and address these issues. This post however was made from a standard user account, and cannot therefore be confirmed as legitimate.

Although it seems now that the issue is resolved and all those left without payment have now been paid in full, I suspect that the drama will continue to haunt Google for some time. Affected developers are obviously very unhappy with the financial disruption. And many seemed to be just as, if not more, annoyed at the fact that they were completely unable to consult Google directly about the issue. It’s unacceptable that a company on the scale of Google does not have the capability to engage the development community when something like this happens. I appreciate that it may well be infeasible for them to operate a permanently staffed Checkout customer service operation, but this total lack of communication has been a slap in the face to the many hard working developers who depend on these payments. Let’s not forget that 30% of the purchase price of an application never makes its way to the developers, and that is a sizeable chunk by anybody’s standards.

During the lengthy waiting periods for any kind of official feedback, the conversation among developers at one point turned towards payments from Google’s AdMob service, which were seemingly also held up. As if that wasn’t bad enough, there are reports of a sharp decrease in Ad revenue, despite no drop in traffic. One opinion was that this is due to the type of ads that are placed in applications, and how they are assigned by Google. Recent changes to the way this has been done could have a detrimental effect on developers revenue. It’s important at this point to state that there is not conclusive evidence to back this up, but if it were to be the case, it’s a move that would anger a lot of developers, which certainly warrants a little more digging.

With regard to the original issue, one of the commentators raised the point of whether or not Google would compensate those affected by adding interest to the payments. I would imagine though that this is something that was immediately thought of by whichever finely tuned legal mind drew up the smallprint. However, it seems that those affected will have to make do with the incredibly brief and generic apology posted on the checkout forums. It would, in my opinion, be a very grave mistake for Google to assume that the development community will forget this anytime soon, whether or not they choose to completely remove their work from Google Play in favour of other outlets or simply choose to utilize both, it’s going to reduce the number of those 30% cuts they receive. And let’s not forget that when all is said and done, they are still a business and there isn’t a single business out there that can afford to annoy its customers, staff, or suppliers. Which one of those three categories the development community falls into is hard to say—probably all three, which makes this whole affair even more of a problem for Google.

If you are a developer and were in any way affected by either the late payments or have noticed a sharp and unexplainable decline in ad revenue from your applications, please contact us to air your opinions on the matter. Remember, XDA-Developers has always and will always do whatever it can to aid and advance the development community.

google-play-logo

If you haven’t already heard, big changes are coming to the Android Market. Well that’s not strictly true, the changes have already been made, and it’s no longer the Android Market. Google Play is upon us, and while you may not have noticed a change on your device yet, those of us who access Market through the web couldn’t have failed to notice the rebranding. So let’s take a look at what this means for the typical Android user. Does it herald the dawn of a glorious new age of digital media consumption, or is it a case of much ado about nothing? In all honesty, it’s probably a little bit of both.

To sum up the changes as simply as possible, anything that you could previously buy from Google—apps, books, movies, and music—is now distributed via Google Play. Play is now the central location on the web for Google to distribute content and applications, and it will also be replacing the Android Market on your device sometime in the near future, if it hasn’t already. You can read about it in much more detail on the Android Developers Blog.

Now you’re probably thinking that these things are already available from the same place, and that this is just an over-hyped name change. Despite initial appearances, the answer seems to be both yes and no. Flashy new logo and annoyingly generic name aside, there are actually some pretty big changes being implemented.

  • In a way that’s mildly reminiscent of, dare I say it, iCloud. All of your purchases can now accessed from any device or computer via the cloud, no syncing required.
  • The content on offer is no longer only available exclusively to Android users. Anyone can now use Google Play to purchase music, books or rent movies, geography permitting.
  • A change is also being made to the way in which applications are delivered to Android devices, but I’ll circle back to this one in a moment.

The changes aren’t however being met with open arms by everyone, specifically those outside of the US as you can see in the comment thread of the Google Play initial announcement on its own Google Plus page. Many people are frustrated by the fact that services such as Google Music are not yet available outside of the US, something that I can sympathize with. In fact, only a handful of countries have access to anything other than Android applications. A full list of what’s available and where can be found in the Google Play FAQ.

Aside from the change of name, which I hate. I would consider this streamlining of Google’s operation to only be a good thing, as long as they make as much effort as possible to provide their content and services to as many countries as possible. I’m not the sort of person who would use Google Music even if it were available in the UK, but I do think it’s unfortunate that not only do a lot of countries not have access to Google Music, they are also unable to access the books or movies which are being flouted as a major feature of this revamp. One can’t help but feel that this re-branding would have been met with a much more positive reaction if it were performed after rolling out content to other countries. I also can’t help but feel that this new level of unification is somewhat over exaggerated, but then again, Play does increase the scope of Google’s content distribution. There’s something about it all that feels a little bit iTunes-esque. Would it really be so far fetched to think that further down the line, we may be presented with a standalone Google Play client? And if so, would this be a good thing or a bad thing?

Enough with my negativity and speculation. As I mentioned earlier, Play brings a change to the way in which apps are to be distributed. A much more detailed and developer oriented description of which can be found here. The bottom line is that previously, applications were limited to a maximum size of 50MB and any other content that an app required would need to be provided separately by the developer. Since the advent of Google Play, although the initial APK is still limited to 50MB, it can be supplemented by two extension files with an upper limit of 2GB in size each. This effectively allows for applications up to 4GB in size. The content is hosted by Google, which obviously has massive benefits to both developers and users alike. Mainly that it saves the developers having to host content themselves, while offering users greater consistency when attempting to download the content. From a developer’s perspective, the increased file size is most likely the best thing to come out of these recent changes. Obviously it goes without saying that all your previous purchases are still valid and there is no need for developers to resubmit their work. Furthermore, the basic framework of the entire ecosystem remains largely untouched. The roll out is already well underway, with the online market becoming Google Play as of yesterday, and changes on devices being made over the next few days. Right now, I’m still to see the market change on my device, although the new APK is in circulation if you simply cannot wait to try it out.

So there you have it, this is Google Play in all it’s glory. For those of us who are somewhat underwhelmed by the whole affair, there’s even a “we know you’re not impressed so here’s some cheap stuff” promotion, which to be fair, does have some rather good deals.

Advertisement

XDA TV: Most Recent Video

Buy/Sell on Swappa

  • Nexus 5 (Unlocked) buy | sell
  • Galaxy Note 3 (T-Mobile) buy | sell
  • HTC One M7 (Verizon) buy | sell
  • Galaxy S 5 (Unlocked) buy | sell
  • Nexus 7 2013 buy | sell
  • Swappa is the official marketplace of XDA