If you follow any well-known independent Android app developer on social media, you've probably seen them complain at least once about Play Store ratings. It's understandable, though, since ratings, while sometimes completely nonsensical, can make or break an app's success. In Google Play, users who have issues with a product are much more likely to leave a (negative) review than users who don't have issues with a product, which is true for many online marketplaces with rating systems. To combat this issue, many developers encourage customers to leave a Play Store review if they're satisfied with the product. Currently, the only way for users to rate an app on Google Play is to navigate to the Play Store listing, but Google may be developing a way for users to rate apps through an in-app dialog.
An APK teardown can often predict features that may arrive in a future update of an application, but it is possible that any of the features we mention here may not make it in a future release. This is because these features are currently unimplemented in the live build and may be pulled at any time by Google in a future build.
New In-App Review Code in the Google Play Store
Version 15.9.21 of the Play Store app started rolling out sometime this week, and it was uploaded to APKMirror by the developer of OpenGApps. We decoded this APK and discovered a new Activity named "com.google.android.finsky.inappreviewdialog.InAppReviewActivity." Judging by the name, this appears to be a dialog that allows a user to rate an app without leaving the app. Currently, launching the Activity brings up a simple "submit" button at the bottom, which doesn't do anything when tapped.
That's because Google has yet to actually implement this in-app review flow. The 3 new layout files, named in_app_review_dialog_fragment, in_app_review_dialog_rate_review_layout, and in_app_review_dialog_thank_you_layout, are currently empty. We won't find out what this in-app review flow looks like until a later Play Store release fills in these layouts. We checked the code and found mentions of a few relevant flags, but we didn't learn any useful information.
Possibility for Abuse?
Google could have added an in-app review flow years ago, but the possibility of ratings abuse prevented them from doing so. If apps could be reviewed outside of the Play Store, then it's possible we would have seen tricks like using an Accessibility Service to bring the dialog up, rate the app, and then go away when the user isn't looking. Alternatively, an app could use an overlay to alter the original dialog, tricking the user into giving a higher rating than they intended.
Since the early days of Android, however, Google has cracked down heavily on these potential abuse avenues. Android Q blocks background activity starts, for example, and recent Android versions also force apps with foreground services to show persistent notifications. The SYSTEM_ALERT_WINDOW API used for making overlays will eventually be fully replaced by Android Q's new Bubbles API, too. I'm not sure how Google will verify the integrity of ratings submitted via the Play Store's new in-app review dialog, but I'm confident they wouldn't be working on such a feature without taking these issues into consideration. I'll leave further speculation for when the feature is closer to launch.
I'm hoping that Google will take this opportunity to crack down on apps that present fake in-app review dialogs—you know, those apps that tell users to contact the developer if they rate < 5 stars in the fake dialog while also redirecting users who submit fake 5 star ratings to the actual Play Store listing. It's a shady practice that I don't see this in-app review flow addressing. Google's rules on Play Store user ratings haven't been updated in a while, but we may see new rules get added if the in-app review flow materializes.
Thanks to PNF Software for providing us a license to use JEB Decompiler, a professional-grade reverse engineering tool for Android applications.