After the Google+ data leak affecting about half a million people, Google has taken major steps to ensure greater privacy and security of user data.
Apart from pulling back Google+ from the general masses, the search engine also revamped its Play Store permission policy.
As per the new policy, applications cannot ask for permissions that are not required for their core functionality. Accessing call logs, calendars, and reading messages are going to be more difficult for apps that don’t really need that information.
For instance, hotel apps like OYO cannot ask a user to access their call log or read their messages.
The major platforms affected by this are Payment apps which will not be able to read messages for OTP, but they can use Google’s SMS retriever API for this purpose from now on.
For fintech startups, this is significantly important as these apps used the data to assess the credit score of the customers.
Apart from payments platforms, e-commerce platforms like Flipkart, Amazon, other startups like Swiggy, Zomato (foodtech), Ola, Uber (cab aggregators), and social networks like Facebook and Instagram, which also were involved in data mining through asking for permissions over and above the necessary, also face the repercussions of the change and have to take major steps to accommodate it.
As mentioned earlier, only those apps can access sensitive information for which the permission is core to the functionality, like, for Truecaller, reading call logs is the basic task.
Apps have 90 days to conform to the new data policy.
This policy is a major step that reflects how Google has taken a little responsibility for the leak and is trying to rectify the privacy issue that is rampant across the internet industry, something for which the company itself has been under scrutiny for years.
The development was reported by ET.