Android Question Google Play Protect Problem Again!

[incendio]

Hi guys,

I have an old private app, that is not published via Play Store, that runs OK without any problem.
This app send data to server via JRDC2 and stored some of its configurations in phone's internal directory via file provider and key values Store.

To get Internal directory location, this codes was used

Sub Service_Create
    Private rtp As RuntimePermissions
    PUB_InstDir= rtp.GetSafeDirDefaultExternal("")
End Sub

Key Value Store library used is version 2.30

kvs.Initialize(PUB_InstDir, "datastore.cfg")

App runs OK in my phone with Android 10, no harm detected by Play Protect.
I update this app, add a query via JRDC, tried to install the updated version to my phone, suddently, Play Protect detect it as a harmful app.

In still can be installed, but from my experienced, soon or later, Play Protect will delete it automatically.

Any hints how to get rid this distrubing behaviour by Play Protect ?

 

[JohnC]

Do you need to share the files you are storing in "GetSafeDirDefaultExternal" with other apps?

If not, then just use Dir.Internal (instead GetSafeDirDefaultExternal) which doesn't need any permissions and that will probably be ok with play protect.

 

[incendio]

Do you need to share the files you are storing in "GetSafeDirDefaultExternal" with other apps?

If not, then just use Dir.Internal (instead GetSafeDirDefaultExternal) which doesn't need any permissions and that will probably be ok with play protect.

Yes. I need user to send the file in this directory via email in case of there any problems found.

Turn out that, not only old app affected. New app created in this year also affected.

I use B4A 10.6.

 

[incendio]

I am confused.

Created a sample app with B4A 10.6, no codes added except for default code when you choose File->New->Default and modified manifest editor into like this

<uses-sdk android:minSdkVersion="4" android:targetSdkVersion="29"/>

Tried to install on my phone, and Play Protect gave warning that the app might be harmful.
What's wrong here?

 

[JohnC]

When Epic pulled fortnite from the playstore, epic showed users how to sideload their app. And then Play Protect kept complaining to users that the app "might" be harmful.

So, play protect might be saying an app "might" be harmful simply because it was side loaded.

 

[Xfood]

add this line in the manifest as well

SetApplicationAttribute(android:requestLegacyExternalStorage, true)

I am confused.

Created a sample app with B4A 10.6, no codes added except for default code when you choose File->New->Default and modified manifest editor into like this

<uses-sdk android:minSdkVersion="4" android:targetSdkVersion="29"/>

Tried to install on my phone, and Play Protect gave warning that the app might be harmful.
What's wrong here?

 

[incendio]

I think, I found the problem.

Few months ago, Google ban my developer account, they accused that my app on Play Store was a malware. Although I refused it and offer the source code so that they can check it, they simply didn't care.

This app is a different one from that app published in Play Store, the only same thing is, both apps use same Private Sign Key.

When I changed Private Sign Key for this app, Play Protect show a message that the developer of the app is unknown, but when user insist to intall it anyway, app can be installed and was not tag as a harmful app.

Is Private Sign Key has expiration date? What can I do againt this action from google?

 

[JohnC]

Ah, that would do it.

When google closed your account, it sounds like they blacklisted your developer private key and Play protect is seeing that blacklisted key and displaying the warning.

So, it should not be a problem if you use a different key because you will not be uploading the app to the play store.

 

[incendio]

Ah, that would do it.

When google closed your account, it sounds like they blacklisted your developer private key and Play protect is seeing that blacklisted key and displaying the warning.

So, it should not be a problem if you use a different key because you will not be uploading the app to the play store.

That is not fair. It was a different app and when they ban my account, they refused to inspect the source code of app that they tag it as a malware.

So, google is untouchable?

 

[agraham]

So, google is untouchable?

Unfortunately, yes!