Best daily deals

Affiliate links on Android Authority may earn us a commission. Learn more.

Google's change to SMS, calling permissions is still hobbling popular apps

Cerberus lets you send SMS commands to a stolen smartphone, but Google's new policy could kill the feature.
By
January 7, 2019
The Cerberus security app.
TL;DR
  • Popular security app Cerberus is expected to lose SMS functionality due to a new Google policy.
  • Google recently changed the way it handles SMS and calling permissions.
  • Cerberus uses these permissions so subscribers can send text-based commands to a lost or stolen phone.

Google announced changes to the way it handles SMS and calling permissions late last year, making it tougher for apps to gain your data. Unfortunately, this change hurt quite a few apps with a legitimate need for those permissions.

Some of these apps, like Tasker, were initially caught by the changes. But Google added task automation apps as an exception, allowing Tasker’s developers to reclaim the permissions.

Now, Android Police reports that popular security app Cerberus is still caught out by these changes, and will need to be updated to remove functionality associated with these permissions. Unfortunately, Google’s application form, which allows developers to secure exemptions, specifically bars security and device locator apps from gaining these permissions.

That’s great, congratulations! We do not see the point of submitting the form again, now our use case is explicitly prohibited :( pic.twitter.com/NNi5mCt8ZY
— Cerberus (@cerberusapp) January 4, 2019

It’s rather disappointing, as Cerberus uses the SMS and calling permissions for a key feature. Cerberus subscribers can use text messages to issue commands to a lost or stolen smartphone, in lieu of an internet connection. These commands include locking/unlocking the phone, taking a photo or video via the selfie camera, and wiping storage. The app also uses the permission to send text alerts, such as SIM cards being changed, according to the developers.

Cerberus is more capable on paper than Google’s own Find My Device function. Google’s own app allows you to view your device on a map, play a ringing sound, and erase storage. But we don’t see fancy features like text commands, and the ability to take photos of a thief.

10 best security apps for Android that aren't antivirus apps
App lists
This is the featured image for the best security apps for android

Android Police notes that Cerberus isn’t the only legitimate app caught out by the change, citing several reddit threads from disgruntled developers. A lengthy Google Issue Tracker thread also popped up following the search giant’s decision, with loads of users asking Google to either pull the change or make an exception for Cerberus.

Developers have until January 9 to apply for an exemption, but what happens if your application is denied or you miss the boat entirely? “Apps that fail to meet policy requirements or submit a Permissions Declaration Form by January 9, 2019 may be removed from Google Play,” reads an excerpt from Google’s Play Console Help page.

Even if you’re granted an exemption by Google, the company’s help page states that this only lasts for two months (until March 9). Hopefully the search giant relents and gives Cerberus and other legitimate apps a proper exemption…

NEXT: A system-wide dark mode might finally come with Android Q