Lately, there has been a lot of emphasis on how smartphone app developers are treated in Apple and Google's app stores. Google has decided now is a good time to announce stricter billing rules for app stores. A new post from the official Android Developer Blog promises a crackdown on in-app billing, which is aimed at large streaming services such as Netflix and Spotify.
Google's post is really around the bush, trying to gloss over this announcement. First of all, it says, "We've always asked developers who sell their apps on Play to use Google Play's billing system when they offer in-app purchases of digital goods and pay a service fee as a percentage of the purchase." However, this rule was not enforced, and many large developers simply ignored Google's billing requirements. These days, Netflix and Spotify aren't using Google's in-app billing and are instead throwing new accounts into a web browser where companies can use PayPal or direct credit card processing to dodge Google's 30 percent fees.
"We made the language clearer in our payments policy so that all developers who sell digital goods in their apps must use Google Play's billing system," continues Google. "For those who already have an app on Google Play that requires technical work to integrate our billing system, we don't want to unduly disrupt their roadmaps and are giving one year (until September 30, 2021) to complete the necessary updates."
That's basically the meat of the blog post: everyone must be using Google Billing by this point in the next year. A look at the "Payment Policy" shows examples like "Subscription Services" that offer things like "Music" and "Video". It also warns readers at the top that "Changes to this policy are coming!" and that "any existing app that is currently using an alternate billing system must remove it in order to comply with this update."
Google makes a clear distinction between Android and iOS by pointing out that developers have a "choice of stores" on Android and that most Android devices come with multiple app stores. Google mentions twice that "every business is able to determine its own business model and customer functions". This means that developers who want to access Google Play with 2 billion active users will have to follow the rules or look elsewhere.
Better third-party app store support in Android 12?
Another tidbit in this post is the news of an Android 12 feature: "We'll be making changes to Android 12 (next year's Android version) to make it even easier for users to use other app stores on their devices, without compromising the security measures Android has put in place. We are designing all of this now and look forward to sharing more in the future! "
Currently, a few additional check boxes are required for installing a second app store. However, since entering Google's walled garden actually exposes users to more threats, the two warning messages don't seem excessive. Google regularly publishes statistics that compare the malware rate of Google Play-only devices with devices that have apps installed from outside the Play Store. While Google Play is by no means perfect, Google is one of the few app store operators big enough to put every app through a review process. As a result, users were 5 to 10 times more likely to receive malware outside the Play Store than inside the Play Store over the past two years.
The current App Store installation process isn't that tedious. When you download something like F-Droid (an open source app store), Chrome first warns you that this type of file (an APK) can damage your device that you can click through. If you've never installed an app through the browser before, you'll be taken to the device settings so you can check the "Allow installations from source" box for Chrome. Then you can install the App Store. For Android, every app that installs apps must have the "Install unknown apps" check box selected. You must therefore also reverse this setting so that the new App Store can install apps.
Enlarge /. Installation process for the alternative app store of Android 11.
This move to make it easier to use third-party app stores makes a little more sense in response to Fortnite developer Epic, who is currently suing Google over its alternative app store guidelines. "Downloading Fortnite directly to an Android device can take a dozen steps that require the user to change the default settings and boldly click through several serious warnings," said Epic's antitrust lawsuit. "And even if a persistent user succeeds in installing a competing app store, Google prevents such stores from competing on an equal footing with the Google Play Store by preventing them from offering basic functions such as automatic updates of apps in the background."
Like any lawsuit, Epic's filing is a little boisterous. By my count, installing a third-party app store takes five steps, not "a dozen steps". While any pre-installed app store (in the locked system partition) can install app updates, Epic has the right that app stores downloaded by the user cannot automatically update apps. Letting downloaded apps install new code in the background without the user's consent sounds a little scary, but maybe Google could add a highly privileged "App Store" permission to downloaded apps to keep companies like Epic happy. Epic also says it doesn't like the "bad warnings" associated with these permissions either, and properly informing users of how powerful an App Store permission would be would require a rather scary-sounding warning. Epic has been caught irresponsibly with these forces once when the Fortnight Installer exposed Samsung devices to a security hole.