Google cracks down on power-user apps that use Android's accessibility API

Alfred Osborne
November 15, 2017

Developers whose apps use Android's accessibility features outside of their intended goal will need to abide by a few new rules or risk of having their apps removed from the Play Store entirely.

Last Pass have made a statement on their blog stating that Google have contacted them and other app developers and are working on a "long-term solution" to suit users' needs and their accessibility requirements for full app functionality. Google's sudden policy change seems like it will also reduce the functionality of myriad useful apps and could outright kill others. However, these functions can create security risks, so, Google is now taking some strict actions against apps using Accessibility Services. The app, which is particularly popular in India, has been delisted from the app store for misleading and unhealthy promotions.

49ers coach Kyle Shanahan talks about Marquise Goodwin's emotional day
The couple has received a tremendous amount of love and support since news came out about the death of their son. The play helped set the tone for the game and was one of four touchdowns scored by the 49ers on Sunday.

Tredje AP fonden Increases Holdings in Automatic Data Processing (NYSE:ADP)
Armbruster Capital Management Inc. lifted its stake in shares of Automatic Data Processing by 2.5% in the second quarter. Shares for $2.70 million were sold by WILKE JEFFREY A . (NASDAQ:AMZN) was sold by Blackburn Jeffrey M on Monday, May 15.

Should You Hold PayPal Holdings, Inc. (NASDAQ:PYPL)
According to their observations and findings, the stock could provide a high EPS of $0.55/share and a low EPS of $0.49/share. Wall Street analysts are looking for the company to grow 21.36% over the next year and 21.04% over the next five years.

Google's new policy will hurt a large swath of power-user apps. If you want to write a powerful Android app and don't want to modify your phone for root access, tapping into the accessibility API is the next best thing. The email also informs that such repeated violations may lead to a termination of the developer's account or even related Google accounts as well. For example, some password management apps use Accessibility Services API to make it easier for users to fill in text fields with their log-in credentials in another app. The impetus for this move appears to be existence of (now removed) apps in the Play Store which use Accessibility features in conjunction with a vulnerability patched as part of the September security update to install malware.

With the accessibility API, apps can access lots of powerful commands that let them function a bit like a system-level app, and the legitimate, non-accessibility uses are nearly endless. This in turn, can be used by a bad actor to enable malicious activity such as a phishing exploit, keylogger, or ransomware attack.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER