Google cracks down on power-user apps that use Android's accessibility API

Alfred Osborne
November 15, 2017

Developers whose apps use Android's accessibility features outside of their intended goal will need to abide by a few new rules or risk of having their apps removed from the Play Store entirely.

Last Pass have made a statement on their blog stating that Google have contacted them and other app developers and are working on a "long-term solution" to suit users' needs and their accessibility requirements for full app functionality. Google's sudden policy change seems like it will also reduce the functionality of myriad useful apps and could outright kill others. However, these functions can create security risks, so, Google is now taking some strict actions against apps using Accessibility Services. The app, which is particularly popular in India, has been delisted from the app store for misleading and unhealthy promotions.

This giant pink diamond could sell for $30 million at auction
The white, matchbox-size "Creation 1" diamond from Swiss jeweler de Grisogono weighs a whopping 163 carats. Tuesday's sale marked the first time the diamond appeared at auction in 130 years.

Texas State University Suspends Greek Life After 'Tragic Death' of Fraternity Pledge
Trauth released a statement on Tuesday suspending all activities of Greek fraternities and sororities at the university. An autopsy has been ordered by Judge Moreno, and Ellis' body was sent to the Travis County Medical Examiner's Office.

Principal Financial Group Inc. Increases Position in Gilead Sciences, Inc. (GILD)
Carnegie Asset Limited Liability Corporation stated it has 0.08% of its portfolio in Gilead Sciences, Inc . (NASDAQ: GILD ). Its up 0.02, from 0.91 in 2017Q1. 938.32 million shares or 0.11% more from 937.32 million shares in 2017Q1 were reported.

Google's new policy will hurt a large swath of power-user apps. If you want to write a powerful Android app and don't want to modify your phone for root access, tapping into the accessibility API is the next best thing. The email also informs that such repeated violations may lead to a termination of the developer's account or even related Google accounts as well. For example, some password management apps use Accessibility Services API to make it easier for users to fill in text fields with their log-in credentials in another app. The impetus for this move appears to be existence of (now removed) apps in the Play Store which use Accessibility features in conjunction with a vulnerability patched as part of the September security update to install malware.

With the accessibility API, apps can access lots of powerful commands that let them function a bit like a system-level app, and the legitimate, non-accessibility uses are nearly endless. This in turn, can be used by a bad actor to enable malicious activity such as a phishing exploit, keylogger, or ransomware attack.

Other reports by

Discuss This Article