Newest SDK adds extra AD permissions even using strict package
novavision opened this issue ยท 7 comments
Hi.
Here are some extra AndroidManifest.xml lines are added by latest AppsFlyer SDK.
<uses-permission android:name="android.permission.ACCESS_ADSERVICES_ATTRIBUTION"/>
<uses-permission android:name="android.permission.ACCESS_ADSERVICES_AD_ID"/>
<property android:name="android.adservices.AD_SERVICES_CONFIG" android:resource="@xml/ga_ad_services_config"/>
Previous version (if I am not wrong I used 6.8.0 before) added just a single line
<uses-permission android:name="com.google.android.gms.permission.AD_ID"/>
which I excluded using
<uses-permission android:name="com.google.android.gms.permission.AD_ID" tools:node="remove"/>
App is rejected by Google Play using strick package and these lines
<uses-permission android:name="com.google.android.gms.permission.AD_ID" tools:node="remove"/>
<uses-permission android:name="android.permission.ACCESS_ADSERVICES_ATTRIBUTION" tools:node="remove"/>
<uses-permission android:name="android.permission.ACCESS_ADSERVICES_AD_ID" tools:node="remove"/>
<uses-permission android:name="com.google.android.providers.gsf.permission.READ_GSERVICES" tools:node="remove"/>
Why these new lines added? Why the my app rejected by GooglePlay?
Is anyone from the developer team alive here?
๐ Hi @novavision and Thank you for reaching out to us.
In order for us to provide optimal support, please submit a ticket to our support team at support@appsflyer.com.
When submitting the ticket, please specify:
- โ your AppsFlyer sign-up (account) email
- โ app ID
- โ production steps
- โ logs
- โ code snippets
- โ and any additional relevant information.
We also had our app rejected by google play due to:
Version code 108: Policy Declaration - Data Safety Section: Device Or Other IDs Data Type - Device Or Other IDs (some common examples may include Advertising ID, Android ID, IMEI, BSSID, MAC address), Possible SDKs: com.appsflyer:af-android-sdk
Downgrading back to version 6.12.21 worked (6.14.0 is the one that failed).
I'm guessing this is due to Added support for Google's new EU consent policy (DMA) in the android 6.13.0 library (included with unity version 6.14.0).
We added AppsFlyer.setDisableAdvertisingIdentifiers(true); between the call to initSDK and the call to startSDK and that appears to have resolved our google play review issues with 6.14.0.
I also added:
AppsFlyer.enableTCFDataCollection(false);
AppsFlyer.setConsentData(AppsFlyerConsent.ForGDPRUser(false, false));
to be safe but it should be disabling advertising identifiers that makes a difference here.
AppsFlyer.setDisableAdvertisingIdentifiers(true);
Should be set before initialization, according to support reply.
My case was resolved - in a fact there was no mistake. AppsFlyer support analyzed my build to ensure no ID is collected. Then they contacted the Google review team and somehow solved it. From what I understood - Google was a problem.
Just after that app was reviewed successfully
Thanks, the resolution of your case is probably what resolved my issue as well. I found it unlikely that a runtime change would effect a static analyses review failure.
The Unity code for setDisableAdvertisingIdentifiers is:
public static void setDisableAdvertisingIdentifiers(bool disable)
{
if (instance != null && instance is IAppsFlyerAndroidBridge)
{
IAppsFlyerAndroidBridge appsFlyerAndroidInstance = (IAppsFlyerAndroidBridge)instance;
appsFlyerAndroidInstance.setDisableAdvertisingIdentifiers(disable);
}
}
So if you call that before initSDK (or one of the other functions that has the side effect of assigning instance) it literally does nothing.
This issue is stale because it has been open for 30 days with no activity.