An Android app with more than 500,000 downloads from Google Play has been caught hosting malware that surreptitiously sends users’ contacts to an attacker-controlled server and signs up users to pricey subscriptions, a security firm reported.
The app, named Color Message, was still available on Google servers at the time this post was being prepared. Google removed it more than three hours after I asked the company for comment.
Ostensibly, Color Message enhances text messaging by doing things such as adding emojis and blocking junk texts. But according to researchers at Pradeo Security said on Thursday, Color Message contains a family of malware known as Joker, which has infected millions of Android devices in the past.
Researchers said they’ve discovered a batch of apps downloaded from Google Play more than 300,000 times before the apps were revealed to be banking trojans that surreptitiously siphoned user passwords and two-factor authentication codes, logged keystrokes, and took screenshots.
The apps—posing as QR scanners, PDF scanners, and cryptocurrency wallets—belonged to four separate Android malware families that were distributed over a span of four months. They used several tricks to sidestep restrictions Google has devised in an attempt to rein in the unending distribution of fraudulent apps in its official marketplace. Those limitations include restricting the use of accessibility services for sight-impaired users to prevent the automatic installation of apps without user consent.
“What makes these Google Play distribution campaigns very difficult to detect from an automation (sandbox) and machine learning perspective is that dropper apps all have a very small malicious footprint,” researchers from mobile security company ThreatFabric wrote in a post. “This small footprint is a (direct) consequence of the permission restrictions enforced by Google Play.”
Google has made another tweak to the fee structure for apps hosted on the Google Play app store, again granting certain developers a larger slice of the pie. The change specifically affects apps that rely on recurring subscription revenue.
Previously, Google took a cut of 30 percent in the first year that a recurring subscription was active, then 15 percent in the years after that. Now, Google will take a cut of only 15 percent from the very start.
Some apps that fit the Play Media Experience Program, such as apps for distributing books or streaming video or audio, will see even smaller cuts—as low as 10 percent. To join that program, developers have to opt in.
Does this sound familiar? An app goes viral on social media, often including TikTok, then immediately climbs to the top of the App Store where it gains even more new installs thanks to the heightened exposure. That’s what happened with the recent No. 1 on the U.S. App Store, Fontmaker, a subscription-based fonts app which appeared to benefit from word-of-mouth growth thanks to TikTok videos and other social posts. But what we’re actually seeing here is a new form of App Store marketing — and one which now involves one of the oldest players in the space: Vungle.
Fontmaker, at first glance, seems to be just another indie app that hit it big.
The app, published by an entity called Mango Labs, promises users a way to create fonts using their own handwriting which they can then access from a custom keyboard for a fairly steep price of $4.99 per week. The app first launched on July 26. Nearly a month later, it was the No. 2 app on the U.S. App Store, according to Sensor Tower data. By August 26, it climbed up one more position to reach No. 1. before slowly dropping down in the top overall free app rankings in the days that followed.
By Aug. 27, it was No. 15, before briefly surging again to No. 4 the following day, then declining once more. Today, the app is No. 54 overall and No. 4 in the competitive Photo & Video category — still, a solid position for a brand-new and somewhat niche product targeting mainly younger users. To date, it’s generated $68,000 in revenue, Sensor Tower reports.
But Fontmaker may not be a true organic success story, despite its Top Charts success driven by a boost in downloads coming from real users, not bots. Instead, it’s an example of how mobile marketers have figured out how to tap into the influencer community to drive app installs. It’s also an example of how it’s hard to differentiate between apps driven by influencer marketing and those that hit the top of the App Store because of true demand — like walkie-talkie app Zello, whose recent trip to No. 1 can be attributed to Hurricane Ida
As it turns out, Fontmaker is not your typical “indie app.” In fact, it’s unclear who’s really behind it. Its publisher, Mango Labs, LLC, is actually an iTunes developer account owned by the mobile growth company JetFuel, which was recently acquired by the mobile ad and monetization firm Vungle — a longtime and sometimes controversial player in this space, itself acquired by Blackstone in 2019.
Through The Plug, mobile app developers and advertisers can connect to JetFuel’s network of over 15,000 verified influencers who have a combined 4 billion Instagram followers, 1.5 billion TikTok followers, and 100 million daily Snapchat views.
While marketers could use the built-in advertising tools on each of these networks to try to reach their target audience, JetFuel’s technology allows marketers to quickly scale their campaigns to reach high-value users in the Gen Z demographic, the company claims. This system can be less labor-intensive than traditional influencer marketing, in some cases. Advertisers pay on a cost-per-action (CPA) basis for app installs. Meanwhile, all influencers have to do is scroll through The Plug to find an app to promote, then post it to their social accounts to start making money.
Image Credits: The Plug’s website, showing influencers how the platform works
So while yes, a lot of influencers may have made TikTok videos about Fontmaker, which prompted consumers to download the app, the influencers were paid to do so. (And often, from what we saw browsing the Fontmaker hashtag, without disclosing that financial relationship in any way — an increasingly commonproblem on TikTok, and area of concern for the FTC.)
Where things get tricky is in trying to sort out Mango Labs’ relationship with JetFuel/Vungle. As a consumer browsing the App Store, it looks like Mango Labs makes a lot of fun consumer apps of which Fontmaker is simply the latest.
JetFuel’s website helps to promote this image, too.
It had showcased its influencer marketing system using a case study from an “indie developer” called Mango Labs and one of its earlier apps, Caption Pro. Caption Pro launched in Jan. 2018. (App Annie data indicates it was removed from the App Store on Aug. 31, 2021…yes, yesterday).
Image Credits: App Annie
Vungle, however, told TechCrunch “The Caption Pro app no longer exists and has not been live on the App Store or Google Play for a long time.” (We can’t find an App Annie record of the app on Google Play).
They also told us that “Caption Pro was developed by Mango Labs before the entity became JetFuel,” and that the case study was used to highlight JetFuel’s advertising capabilities. (But without clearly disclosing their connection.)
“Prior to JetFuel becoming the influencer marketing platform that it is today, the company developed apps for the App Store. After the company pivoted to become a marketing platform, in February 2018, it stopped creating apps but continued to use the Mango Labs account on occasion to publish apps that it had third-party monetization partnerships with,” the Vungle spokesperson explained.
In other words, the claim being made here is that while Mango Labs, originally, were the same folks who have long since pivoted to become JetFuel, and the makers of Caption Pro, all the newer apps published under “Mango Labs, LLC” were not created by JetFuel’s team itself.
“Any apps that appear under the Mango Labs LLC name on the App Store or Google Play were in fact developed by other companies, and Mango Labs has only acted as a publisher,” the spokesperson said.
Image Credits: JetFuel’s website describing Mango Labs as an “indie developer”
There are reasons why this statement doesn’t quite sit right — and not only because JetFuel’s partners seem happy to hide themselves behind Mango Labs’ name, nor because Mango Labs was a project from the JetFuel team in the past. It’s also odd that Mango Labs and another entity, Takeoff Labs, claim the same set of apps. And like Mango Labs, Takeoff Labs is associated with JetFuel too.
Breaking this down, as of the time of writing, Mango Labs has published several consumer apps on both the App Store and Google Play.
On iOS, this includes the recent No. 1 app Fontmaker, as well as FontKey, Color Meme, Litstick, Vibe, Celebs, FITme Fitness, CopyPaste, and Part 2. On Google Play, it has two more: Stickered and Mango.
Image Credits: Mango Labs
Most of Mango Labs’ App Store listings point to JetFuel’s website as the app’s “developer website,” which would be in line with what Vungle says about JetFuel acting as the apps’ publisher.
What’s odd, however, is that the Mango Labs’ app Part2, links to Takeoff Labs’ website from its App Store listing.
The Vungle spokesperson initially told us that Takeoff Labs is “an independent app developer.”
And yet, the Takeoff Labs’ website shows a team which consists of JetFuel’s leadership, including JetFuel co-founder and CEO Tim Lenardo and JetFuel co-founder and CRO JJ Maxwell. Takeoff Labs’ LLC application was also signed by Lenardo.
Meanwhile, Takeoff Labs’ co-founder and CEO Rhai Goburdhun, per his LinkedIn and the Takeoff Labs website, still works there. Asked about this connection, Vungle told us they did not realize the website had not been updated, and neither JetFuel nor Vungle have an ownership stake in Takeoff Labs with this acquisition.
Image Credits: Takeoff Labs’ website showing its team, including JetFuel’s co-founders.
Takeoff Labs’ website also shows off its “portfolio” of apps, which includes Celeb, Litstick, and FontKey — three apps that are published by Mango Labs on the App Store.
On Google Play, Takeoff Labs is the developer credited with Celebs, as well as two other apps, Vibe and Teal, a neobank. But on the App Store, Vibe is published by Mango Labs.
Image Credits: Takeoff Labs’ website, showing its app portfolio.
(Not to complicate things further, but there’s also an entity called RealLabs which hosts JetFuel, The Plug and other consumer apps, including Mango — the app published by Mango Labs on Google Play. Someone sure likes naming things “Labs!”)
Vungle claims the confusion here has to do with how it now uses the Mango Labs iTunes account to publish apps for its partners, which is a “common practice” on the App Store. It says it intends to transfer the apps published under Mango Labs to the developers’ accounts, because it agrees this is confusing.
Vungle also claims that JetFuel “does not make nor own any consumer apps that are currently live on the app stores. Any of the apps made by the entity when it was known as Mango Labs have long since been taken down from the app stores.”
JetFuel’s system is messy and confusing, but so far successful in its goals. Fontmaker did make it to No. 1, essentially growth hacked to the top by influencer marketing.
But as a consumer, what this all means is that you’ll never know who actually built the app you’re downloading or whether you were “influenced” to try it through what were, essentially, undisclosed ads.
Fontmaker isn’t the first to growth hack its way to the top through influencer promotions. Summertime hit Poparrazzi also hyped itself to the top of the App Store in a similar way, as have many others. But Poparazzi has since sunk to No. 89 in Photo & Video, which shows influence can only take you so far.
As for Fontmaker, paid influence got it to No. 1, but its Top Chart moment was brief.
Netflix today announced it will begin testing mobile games inside its Android app for its members in Poland. At launch, paying subscribers will be able to try out two games, “Stranger Things: 1984” and “Stranger Things 3” — titles that have been previously available on the Apple App Store, Google Play and, in the case of the newer release, on other platforms including desktop and consoles. While the games are offered to subscribers from within the Netflix mobile app’s center tab, users will still be directed to the Google Play Store to install the game on their devices.
To then play, members will need to confirm their Netflix credentials.
Members can later return to the game at any time by clicking “Play” on the game’s page from inside the Netflix app or by launching it directly from their mobile device.
“It’s still very, very early days and we will be working hard to deliver the best possible experience in the months ahead with our no ads, no in-app purchases approach to gaming,” a Netflix spokesperson said about the launch.
Let’s talk Netflix and gaming.
Today members in Poland can try Netflix mobile gaming on Android with two games, Stranger Things: 1984 and Stranger Things 3. It’s very, very early days and we’ve got a lot of work to do in the months ahead, but this is the first step. https://t.co/yOl44PGY0r
The company has been expanding its investment in gaming for years, seeing the potential for a broader entertainment universe that ties in to its most popular shows. At the E3 gaming conference back in 2019, Netflix detailed a series of gaming integrations across popular platforms like Roblox and Fortnite and its plans to bring new “Stranger Things” games to the market.
On mobile, Netflix has been working with the Allen, Texas-based game studio BonusXP, whose first game for Netflix, “Stranger Things: The Game,” has now been renamed “Stranger Things: 1984” to better differentiate it from others. While that game takes place after season 1 and before season 2, in the “Stranger Things” timeline, the follow-up title, “Stranger Things 3,” is a playable version of the third season of the Netflix series. (So watch out for spoilers!)
With the launch of the test in Poland, Netflix says users will need to have a membership to download the titles as they’re now exclusively available to subscribers. However, existing users who already downloaded the game from Google Play in the past will not be impacted. They will be able to play the game as usual or even re-download it from their account library if they used to have it installed. But new players will only be able to get the game from the Netflix app.
The test aims to better understand how mobile gaming will resonate with Netflix members and determine what other improvements Netflix may need to make to the overall functionality, the company said. It chose Poland as the initial test market because it has an active mobile gaming audience, which made it seem like a good fit for this early feedback.
Netflix couldn’t say when it would broaden this test to other countries, beyond “the coming months.”
The streamer recently announced during its second-quarter earnings that it would add mobile games to its offerings, noting that it viewing gaming as “another new content category” for its business, similar to its “expansion into original films, animation and unscripted TV.”
The news followed what had been a sharp slowdown in new customers after the pandemic-fueled boost to streaming. In North America, Netflix in Q2 lost a sizable 430,000 subscribers — its third-ever quarterly decline in a decade. It also issued weaker guidance for the upcoming quarter, forecasting the addition of 3.5 million subscribers when analysts had been looking for 5.9 million. But Netflix downplayed the threat of competition on its slowing growth, instead blaming a lighter content slate, in part due to Covid-related production delays.
Google has now taken another step towards the public release of the latest version of the Android operating system, Android 12. The company today released the fourth beta of Android 12, whose most notable new feature is that it has achieved the Platform Stability milestone — meaning the changes impacting Android app developers are now finalized, allowing them to test their apps without worrying about breaking changes in subsequent releases.
While the updated version of Android brings a number of new capabilities for developers to tap into, Google urges its developers to first focus on releasing an Android 12-compatible update. If users find their app doesn’t work properly when they upgrade to the new version of Android, they may stop using the app entirely or even uninstall it, the company warns.
Among the flagship consumer-facing features in Android 12 is the new and more adaptive design system called “Material You,” which lets users apply themes that span across the OS to personalize their Android experience. It also brings new privacy tools, like microphone and camera indicators that show if an app is using those features, as well as a clipboard read notification, similar to iOS, which alerts to apps that read the user’s clipboard history. In addition, Android 12 lets users play games as soon as they download them, through a Google Play Instant feature.Other key Android features and tools, like Quick Settings, Google Pay, Home Controls, and Android widgets, among others, have been improved, too.
Google has continued to roll out smaller consumer-facing updates in previous Android 12 beta releases, but beta 4 is focused on developers getting their apps ready for the public release of Android, which is expected in the fall.
Image Credits: Google
The company suggested developers look out for changes that include the new Privacy Dashboard in Settings, which lets users see which app are accessing what type of data and when, and other privacy features like the indicator lights for the mic and camera, clipboard read tools, and new toggles that lets users turn off mic and camera access across all apps.
The new Android 12 beta 4 release is available on supported Pixel devices, and on devices from select partners including ASUS, OnePlus, Oppo, Realme, Sharp, and ZTE. Android TV developers can access beta 4 as well, via the ADT-3 developer kit.
Weeks after Instagram rolled out increased protections for minors using its app, Google is now doing the same for its suite of services, including Google search, YouTube, YouTube Kids, Google Assistant, and others. The company this morning announced a series of product and policy changes that will allow younger people to stay more private and protected online and others that will limit ad targeting.
The changes in Google’s case are even more expansive than those Instagram announced, as they span across an array of Google’s products, instead of being limited to a single app.
Though Congress has been pressing Google and other tech companies on the negative impacts their services may have on children, not all changes being made are being required by law, Google says.
“While some of these updates directly address upcoming regulations, we’ve gone beyond what’s required by law to protect teens on Google and YouTube,” a Google spokesperson told TechCrunch. “Many of these changes also extend beyond any single current or upcoming regulation. We’re looking at ways to develop consistent product experiences and user controls for kids and teens globally,” they added.
In other words, Google is building in some changes based on where it believes the industry is going, rather than where it is right now.
On YouTube, Google says it will “gradually” start adjusting the default upload setting to the most private option for users ages 13 to 17 in the weeks ahead, which will limit the visibility of videos only to the the users and those they directly share with, not the wider public. These younger teen users won’t be prevented from changing the setting back to “public,” necessarily, but they will now have to make an explicit and intentional choice when doing so. YouTube will then provide reminders indicating who can see their video, the company notes.
YouTube will also turn on its “take a break” and bedtime reminders by default for all users ages 13 to 17 and will turn off autoplay. Again, these changes are related to the default settings — users can disable the digital well-being features if they choose.
On YouTube’s platform for younger children, YouTube Kids, the company will also add an autoplay option, which is turned off autoplay by default so parents will have to decide whether or not they want to use autoplay with their children. The change puts the choice directly in parents’ hands, after complaints from child safety advocates and some members of Congress suggested such an algorithmic feature was problematic. Later, parents will also be able to “lock” their default selection.
YouTube will also remove “overly commercial content” from YouTube Kid, in a move that also follows increased pressure from consumer advocacy groups and childhood experts, who have long since argued that YouTube encourages kids to spend money (or rather, beg their parents to do so.) How YouTube will draw the line between acceptable and “overly commercial” content is less clear, but the company says it will, for example, remove videos that focus on product packaging — like the popular “unboxing” videos. This could impact some of YouTube’s larger creators of videos for kids, like multi-millionaire Ryan’s Toy Review.
Image Credits: YouTube
Elsewhere on Google, other changes impacting minors will also begin rolling out.
In the weeks ahead, Google will introduce a new policy that will allow anyone under the age of 18, or a parent or guardian, to request the removal of their images from Google Image search results. This expands upon the existing “right to be forgotten” privacy policies already live in the E.U., but will introduce new products and controls for both kids and teenagers globally.
The company will make a number of adjustments to user accounts for people under the age of 18, as well.
In addition to the changes to YouTube, Google will restrict access to adult content by enabling its SafeSearch filtering technology by default to all users under 13 managed by its Google Family Link service. It will also enable SafeSearch for all users under 18 and make this the new default for teens who set up new accounts. Google Assistant will enable SafeSearch protections by default on shared devices, like smart screens and their web browsers. In school settings where Google Workspace for Education is used, SafeSearch will be the default and switching to Guest Mode and Incognito Mode web browsing will be turned off by default, too, as was recently announced.
Meanwhile, location history is already off by default on all Google accounts, but children with supervised accounts now won’t be able to enable it. This change will be extended to all users under 18 globally, meaning location can’t be enabled at all under the children are legal adults.
Google’s parental control tools are also being expanded. Parents and guardians who are Family Link users will gain new abilities to filter and block news, podcasts, and access to webpages on Assistant-enabled smart devices.
For advertisers, there are significant changes in store, too.
Google says it will expand safeguards to prevent age-sensitive ad categories from being shown to teens and it will block ad targeting based on factors like age, gender, or interests for users under 18. While somewhat similar to the advertising changes Instagram introduced, as ads will no longer leverage “interests” data for targeting young teens and kids, Instagram was still allowing targeting by age and gender. Google will not. The advertising changes will roll out globally in the “coming months,” the company says.
All the changes across Google and YouTube will roll out globally in the coming weeks and months.
This morning, Wix announced a new product for business owners called Branded App by Wix, which allows users to develop native apps without writing code. The publicly-traded company provides tools for people and businesses to manage their online presence, but it’s most well-known for its drag-and-drop website builder. Now, the platform is expanding its user-friendly approach by making it possible for anyone to build an app without learning how to code.
“Users came to us with the need to create a native app that is branded with their name and logo,” said Ronny Elkayam, SVP of Mobile, App Market & Strategic Products at Wix. “Many of our users are businesses, and businesses have a desire to portray a situation that they are bigger than they are. They want to follow the big businesses that have native apps.”
At $200 per month, Branded App by Wix is no small investment; users will also have to pay a yearly $99 fee to be on the App Store, and a one-time $25 fee for Google Play. But according to Wix, native mobile apps can help businesses ultimately drive more sales. For users that already have a Wix website, the app builder can automatically integrate features from their website, making the process more simple.
“If you’re a restaurant, and you have your menu configured on your website for online ordering, the same menu is going to show up on the app. You don’t need to configure it. Any purchases or any orders from that menu are going to show up in your dashboard,” Elkayam said.
Out of Wix’s 200 million users, 5 million are paid subscribers. For businesses, Wix’s most popular plan is $27 per month for a website, which includes access to e-commerce features. Even users with a free website (which has limited capabilities and is emblazoned with the Wix logo) can create an app — Branded App by Wix is a new product, not an additional feature for existing subscribers. Business owners can customize their app’s icon, layout, and content, including product pages, booking services, forums and groups, chat functions, blogs, push notifications, and more. Wix will automatically update users’ apps to remain compatible with the latest versions of iOS and Android.
A competitor in the no-code app building space, Bubble charges between $29 and $529 per month, with a free plan for users to learn how to use the product and develop their app. But Bubble’s offerings are web-based, while Wix’s apps are native, which means they can be downloaded from the App Store and Google Play.
In 2020, Wix had 31 million new users — Elkayam said that Wix’s growth increased under the conditions of the coronavirus pandemic. The company will announce its Q2 earnings tomorrow, but in Q1, the company had $304 million in revenue, up 41% year-over-year.
After beta testing with hundreds of users, Branded App by Wix is now available to all users. Those who sign up during the temporary “presale” will get the product for 50% off for life.
Welcome back to This Week in Apps, the weekly TechCrunch series that recaps the latest in mobile OS news, mobile applications and the overall app economy.
The app industry continues to grow, with a record 218 billion downloads and $143 billion in global consumer spend in 2020. Consumers last year also spent 3.5 trillion minutes using apps on Android devices alone. And in the U.S., app usage surged ahead of the time spent watching live TV. Currently, the average American watches 3.7 hours of live TV per day, but now spends four hours per day on their mobile devices.
Apps aren’t just a way to pass idle hours — they’re also a big business. In 2019, mobile-first companies had a combined $544 billion valuation, 6.5x higher than those without a mobile focus. In 2020, investors poured $73 billion in capital into mobile companies — a figure that’s up 27% year over year.
This Week in Apps will finally be a newsletter! It will launch on August 7. Sign up now!
Google Play updates its policies
Did you hear the one about Google Play banning sugar daddy dating apps? Google this week updated its terms to clarify that apps where users offer sex acts in exchange for money, or “sugar dating,” as the new terms state, are no longer allowed as of September 1, 2021.
Developers will have to disclose to users whether their app uses security practices like data encryption, whether it follows Google Play’s Families policy for apps aimed at kids, whether users have a choice in data sharing, whether the app’s safety section had been verified by a third party, and if the app allowed users to request data deletion at the time of uninstalling, among other things.
Apps that don’t disclose won’t be able to list or update until the problems are fixed.
The safety section wasn’t the only Google Play policy news to be announced this week.
Google also reminded developers that it was making a technical change to how advertising IDs work. Now, when users opt out of interest-based advertising or ads personalization, their advertising ID is removed and replaced with a string of zeros. The change, however, is a phased rollout, affecting apps running on Android 12 devices starting late 2021 and expanding to all apps running on devices that support Google Play in early 2022.
Google also said it will test a new feature that notifies developers and ad/analytics service providers of user opt-out preferences and is prohibiting linking persistent device identifiers to personal and sensitive user data or resettable device identifiers. Kids apps will also not be able to transmit an ad ID.
Another policy update includes a plan to close dormant accounts. Google says if the account is inactive or abandoned after a year, it will be closed. This will include accounts where the developer has never uploaded an app or accessed Google Play Console in a year.
In response to feedback and complaints, Apple is clearly trying to fix some of the issues that arose from this change. It re-added a Share button to the tab bar and put additional controls under that menu. There’s also once again a reload button in the tab bar next to the domain name, though it’s a bit smaller, and a Reader Mode button will appear in the tab bar when Reader is available
On iPad, Safari also reverted back to the traditional separate row of tabs, instead of the new compact experience.
Elon Musk sided with Fortnite maker Epic Games in the Apple App Store antitrust lawsuit, as the Tesla CEO tweeted on Friday that Apple’s App Store fees were “a de facto global tax on the Internet.” The lawsuit alleges Apple is abusing its platform power with how it commissions apps and in-app purchases on its App Store platform — fees that add up to big numbers for a game like Fortnite, which arguably doesn’t need an App Store for discovery, marketing, payments and distribution. But there’s no other way to sell to iOS users today. On Android, apps can at least be sideloaded. It’s not currently clear why Musk has decided to take a stand on the issue, as none of his companies’ apps are dramatically impacted by Apple’s fees at present.
Apple announced plans to end support for a number of SiriKit intents and commands, including those that could impact major apps — like ride-sharing app Uber. In total, there are over 20 SiriKit intent domains that will be deprecated and no longer supported in new and existing OS releases, Apple says.
Apple tweaked the controversial iOS 15 Safari changes in the latest betas (iOS 15 and iPadOS 15, beta 4). The new Safari design had moved the tab bar (URL bar) to the bottom of the screen — a fairly radical change for one of the iPhone’s most used apps. It was meant to make the controls easier to reach but critics said that the change made other often used features — like the reload button or Reader Mode — harder to find and use, impacting the overall usability of the browser itself.
Google this week launched version 1.0 of Jetpack Compose, Android’s new, native UI toolkit aimed at helping developers build better apps faster. The tool had been in beta since March. The new production release is built to integrate with the Jetpack libraries developers already use, and offers an implementation of Material Design components and theming. New features include Compose Preview and Deploy Preview, which require Android Studio Arctic Fox, which is also out now in a stable release.
Google also announced the availability of the CarHardwareManager API via the Android for Cars App Library as part of Jetpack.
Twitter launched a U.S. e-commerce pilot test that will help determine the current appetite for online shopping on its platform. The test allows brands and businesses to feature a “Shop Module” with various products for sale at the top of their Professional Profile, a business-friendly version of a profile page with support for things like an address, hours, phone number and more. Users can click on the Shop Module to go to a retail website and transact. Early testers include Game Stop and Arden Cove. The feature itself is somewhat bare bones for now, as it’s really just an image that launches an in-app browser. That’s not enough to really compete with something like Instagram Shop or Shopify’s Shop and the integrated, native checkout experience those types of app offers.
Fintech giant Robinhood raised $2.1 billion in its IPO this week. The IPO valued the trading app at $31.8 billion, making it larger that traditional rivals like Charles Schwab, even though the offering priced at the bottom of its range. The stock dropped 8% during its first day’s trading, however. Robinhood now has 21.3 million MAUs.
PayPal during its second-quarter earnings call announced its new “super app” is now code-complete and ready to roll out. The app will feature early direct deposit, check cashing, high yield savings, budgeting tools, improved bill pay, crypto support, subscription management, buy now, pay later functionality, mobile commerce, and person-to-person messaging features. The latter hadn’t yet been announced and would allow users to chat outside of the payments process.
Code found in Apple’s Wallet app indicates that iOS 15 will require users to verify their identities by taking a selfie when they add their driver’s license or other state identification card to the iPhone.
Instagram announced a series of significant changes to how it handles the accounts of younger teens. The company says it will now default users to private accounts at sign-up if they’re under the age of 16 — or under 18 in certain locales, including in the EU. It will also push existing users under 16 to switch their account to private if they have not already done so. In addition, Instagram is rolling out new technology aimed at reducing unwanted contact from adults — like those who have already been blocked or reported by other teens — and it will change how advertisers can reach its teenage audience. The changes give the company a way to argue to regulators that it’s capable of self-policing as it attempts to roll out a version of Instagram to younger users under the age of 13.
Twitter rolls out an update to its live audio platform, Twitter Spaces, that will make it easier to share the audio room with others. Users will be able to compose a tweet right from the Space that links to the room and includes any accompanying hashtags. iOS users also received new guest management controls for hosts.
Snapchat resolved an outage that was stopping people from logging in on Thursday. Unlike other app blips, which fix themselves often without users’ awareness, Snap told users to manually update their app if the issues continued.
Snapchat also this week added a “My Places” feature to Snap Map, which allows users to log their favorite spots, share them with friends and find recommendations. The feature supports over 30 million businesses and allows Snap to differentiate its map from a utility like Google Maps or Apple Maps, because it’s about personal recommendations from people you know and trust: your friends.
Instagram added support for 60-second videos to its TikTok clone, Reels. Previously, only Reels of up to 30 seconds were supported. Sixty seconds is in line with other platforms like YouTube Shorts and Snapchat’s Spotlight. But TikTok is now inching into YouTube territory, as it recently expanded to support three-minute videos.
TikTok expanded its LIVE platform with a huge lineup of new features including the ability to go live with others, host Q&As, use moderators and improved keyword filters, and more. For viewers, TikTok is adding new discovery and viewing tools, including picture-in-picture mode and ways to jump to LIVE streams from the For You and Following feeds. Some markets, including the U.S. already had access to LIVE Events, but the feature is now expanding. Meanwhile, the co-host feature currently supports going live with one other creator, but TikTok says it’s now testing multiple hosts.
Discord launched a new feature, Threads, which will make it easier to read through longer conversations on busy servers. Now, any server with “Community” features enabled will be able to transform their messages into threaded conversations across mobile and desktop. The threads will be designated by their own subject name and can be created by selecting a new hashtag symbol that appears in the menu when hovering over messages or by pressing the + sign in the chat bar.
Pinterest shares dropped by more than 12% after the company reported its second-quarter earnings on Thursday. Despite beating on estimates with revenue of $613.2 million and earnings per share of 25 cents, investors were disappointed by the miss on user growth. The company reported monthly active user growth of just 9% to reach 454 million, when analysts were expecting 482 million. Pinterest blamed COVID impacts for the slowdown. The news follows Pinterest’s launch of new tools for creators to monetize their content, with Ideas Pins — the recently launched video-first format that lets creators show off their work. Now, creators can make their pins “shoppable” and take commissions on those purchases.
WhatsApp is testing support for higher image upload quality on iOS devices. The feature was discovered on WhatsApp’s TestFlight version for iOS but is not yet public and offers three options: auto, best quality or data saver.
Streaming & Entertainment
Spotify’s Clubhouse clone, Greenroom, is off to a slow start.The app has only been downloaded 140,000+ times on iOS and 100,000+ on Android, including installs from its earlier life as Locker Room, an app that Spotify acquired to move into live audio. Meanwhile, Spotify has 365 million monthly active users on its flagship streaming app.
Spotify also reported its Q2 earnings this week, where it posted a $23.6 million loss and failed to reach its forecast for total MAUs, despite growing MAUs 22% YOY to 365 million. It now has 165 million paying subscribers, which is up 20% YOY.
In a change to its app, Spotify added an attention-grabbing “What’s New” feed that offers personalized updates about new releases and new podcast episodes. The feature is available through a notification bell icon and uses a blue dot to indicate when there’s something new to see. Dots like this are a psychological hacks popularized by social apps like Facebook and Instagram to addict users, which could impact user engagement time on Spotify’s app.
Apple’s GarageBand app for iOS and iPadOS now lets you remix tracks from top artists and producers like Dua Lipa and Lady Gaga. There are also new Producer Packs with beats, loops and instruments created for GarageBand by top producers, including Boys Noize, Mark Lettieri, Oak Felder, Soulection, Take A Daytrip, Tom Misch and TRAKGIRL.
Google TV’s mobile app was updated with new services and personalized recommendations, following last fall’s launch of the Google TV user experience for Chromecast devices. The app now sports 16:9 widescreen movie and show posters, and added new providers Discovery+, Viki, Cartoon Network, PBS Kids, Boomerang, plus on-demand content from live TV services, including YouTube TV, Philo and fuboTV.
Epic Games announced that Fortnite will host another in-game event it’s calling the “Rift Tour,” which kicks off Friday, August 6 and runs through Sunday, August 8. What it hasn’t yet said is what the Rift Tour is, beyond a “musical journey into magical new realities” that will feature a “record-breaking superstar.”
Health & Fitness
Facebook’s Oculus division is exploring an integration of Oculus Workouts with Apple’s Health app, according to the app’s code. An integration would allow users to store their workout data in Health.
Usage of mobile video conferencing apps like Zoom grew by 150% in the first half of 2021, according to a report from Sensor Tower. Zoom, Microsoft Teams and Google Meet saw a surge in usage, collectively climbing to nearly 21x higher than in H1 2019, the firm found.
Google Voice’s app was updated with a few refinements, including a way to see the reason for a missed call or dropped call, and an easy way to redial. iOS users can now show their Google Voice number as their caller ID when they get a calling through a forwarding number. Another change will allow users to delete multiple SMS messages at once.
Language learning app Duolingo raised $521 million in its U.S. IPO, priced above the marketed range. The company priced 5.1 million shared at $102, after first marketing them at $95 to $100.
Amazon this week rolled out an update to its Alexa iOS app that allows users to add an Alexa widget to their iOS homescreen. The widget lets you tap on a button to speak to the virtual assistant and issue commands. Watch out Siri! (Ha, just kidding.)
Google Maps also updated its iOS app this week to add support for a homescreen widget. There are two different widgets sizes to choose from — one that gives info like weather and traffic, while another is more of a shortcut to nearby places like gas stations, restaurants, work and home.
Google is working on a”Switch to Android” app for iOS users that will copy over data and apps from an iPhone to bring them to a new Android device. Apple already offers a similar app, called “Move to iOS” for Android users.
Parking app usage has popped to pre-pandemic levels, Apptopia reported. Apps in this space help users find availability in lots and garages nearby and facilitate payments. Browsing time in apps was up 57% YOY in July, and overall parking app usage is now 6.2% above Jan. 2020 pre-pandemic levels.
Moovit integrated Lime’s electric scooters, bikes and mopeds into its transit-planning app that’s live in 117 cities across 20 countries and continents, including the United States, South America, Australia and Europe.
Government & Policy
Tencent’s WeChat suspended new user registrations in China to comply with “relevant laws and regulations.” The move comes amid a broad crackdown on tech companies by Chinese regulators, related to data collection and other harmful practices.
Recently, China ordered Tencent and 13 other developers to fix problems related to pop-ups inside their apps, as part of the tech crackdown. The regulator also said it would tighten controls on misleading and explicit content used for marketing, and issued fines for offensive content to Tencent, Kuaishou and Alibaba.
Security & Privacy
Apple released patches for iOS, iPadOS and macOS to address a zero-day vulnerability that had been exploited in the wild. Apple said the exploit could exploit the vulnerability known as CVE-2021-30807 to execute arbitrary code with kernel privileges on a vulnerable and unpatched device.
Google Play Protect failed an Android security test, according to a report from Bleeping Computer. The mobile threat protection solution ranked last out of 15 Android security apps tested over a span of six months, between January to June 2021.
Funding and M&A
Product insights and analytics startup Pendo raised $150 million at a $2.6 billion valuation, ahead of its expected IPO. The round was led by B Capital, the firm from Facebook co-founder Eduardo Saverin, and included new investor Silver Lake Waterman, alongside existing backers. Pendo’s platform helps companies gather data on how customers use their apps, including clients like Okta, Toast and others.
Twitter “acqui-hired” the team from subscription news app, Brief, who will now join Twitter’s Experience.org group, which works on Twitter Spaces and Explore. Brief had offered a non-biased news app that allowed you to get both sides of a story and all the necessary facts. Deal terms weren’t disclosed.
Delivery app Gopuff confirmed its $1 billion fundraise at a $15 billion valuation, aimed at expanding its instant delivery service. TechCrunch previously reported the news when the Series H was still being closed.
Indian travel app Ixigo raised $53 million (Rs 395 crore), prepping the business for a valuation of $750 million-$800 million for its upcoming IPO. The round was led by Singapore sovereign wealth fund GIC.
Mobile-first digital wallet Valora native to the Celo network raised $20 million in Series A funding led by Andreessen Horowitz (a16z), a Celo backer, to become a global gateway to crypto.
Crypto wallet company Eco, backed by a16z, raised $60 million in new funding led by Activant Capital and L Catterton. Eco offers a digital wallet with rewards and no fees, and has average deposits of around $6,000.
Search API startup Algolia, which lets developers integrate real-time search in apps or websites, raised $150 million in Series D funding, valuing the business at $2.25 billion, post-money. The round was led by Lone Pine Capital. Algolia now has over 10,000 customers, including Slack, Stripe, Medium, Zendesk and Lacoste.
Brain Technologies raised $50+ million for Natural, a natural language search engine and super app for iOS, which wants users to stop switching between apps to order food, groceries or go shopping. Backers include Laurene Powell Jobs’ Emerson Collective, Goodwater Capital, Scott Cook and WTT Investment.
Messaging app Element, built on the decentralized Matrix protocol, raised $30 million in a Series B round of funding. Investors include open-source R&D lab Protocol Labs and Metaplanet. a fund from Skype co-founder Jaan Tallinn, as well as past investors Automattic and Notion.
Indonesia-based grocery app HappyFresh raised $65 million in Series D funding in a round led by Naver Financial Corporation and Gafina B.V. The app offers an Instacart-like grocery delivery service for parts of Asia, which today operates in Indonesia, Malaysia and Thailand.
Indian D2C beauty brand MyGlamm, which sells products through an app and website, raised $71.3 million in Series C financing, from Amazon, Ascent Capital and Wipro.
Image Credits: Nanogram
Developer Kosta Eleftheriou may have taken on Apple in legal battles and on Twitter, as he points out the numerous app scams on the App Store, but that hasn’t stopped him from building new apps.
This week, Eleftheriou introduced Nanogram, a Telegram client app that works on the Apple Watch without needing an iPhone connection. Eleftheriou said he was inspired to build Nanogram because he wanted a Telegram app for his LTE Apple Watch and didn’t like the official version that didn’t provide “basic and reliable messaging functionality.” So he built his own app from scratch using the Telegram SDK, which allows you to send, receive and view all your messages and notifications right from your wrist — even if you don’t have your phone nearby. The app also supports Eleftheriou’s FlickType Swipe Keyboard for faster replies while on the go.
Eleftheriou notes the app doesn’t collect any personal information and requires an Apple Watch Series 3 or later, running watchOS 7 or later.
Lightricks’ Videoleap for Android
Image Credits: Lightricks
After seeing a 70% yearly increase for its iOS version, Lightricks brought its Videoleap app to the Google Play Store. The app has grown popular with online creators for offering professional quality editing tools on mobile, including those that let you apply artistic effects, mix videos with images, add text and layer transformations and more. The company says Videoleap users are now creating 35 million pieces of content per month, and 47% of users are exporting their creations to TikTok in pursuit of monetizing their content further. The app, like others from Lightricks (which also makes FaceTune and others), monetizes by way of in-app subscriptions.
Apple app store fees are a de facto global tax on the Internet. Epic is right.
I've been fascinated to watch the reaction to Safari in iOS 15 because in 2016-2017, I worked on a similar redesign for mobile Chrome that we never launched. Finally decided to tell a bit of that story here: https://t.co/gF4hepQM5V
Scroll down on a Google Play app listing and you’ll soon see this new privacy section. [credit: Google ]
In iOS 14, Apple added a “privacy” section to the app store, requiring app developers to list the data they collect and how they use it. Google—which was one of the biggest targets of Apple’s privacy nutrition labels and delayed app updates for months to avoid complying with the policy—is now aping the feature for Google Play.
Google posted a demo of what the Google Play “Data privacy & security” section will look like, and it contains everything you’d expect if you’ve looked at the App Store lately. There’s information on what data apps collect, whether or not the apps share the data with third parties, and how the data is stored. Developers can also explain what the data is used for and if data collection is required to use the app. The section also lists whether or not the collected data is encrypted, if the user can delete the data, and if the app follows Google’s “Families” policy (meaning all the usual COPPA stuff).
In the wake of Apple’s advances into consumer privacy with initiatives like App Tracking Transparency and App Store privacy labels, Google recently announced its own plans to introduce a new “safety section” on Google Play that offers more information about the data apps collect and share, and other security and privacy details. Today, the company is sharing for the first time what the new section’ user interface will look like, along with other requirements for developers.
In May, Google explained the safety section would be designed to easily communicate to users how apps are handling their data, so they could make informed choices. It said app developers would need to disclose to users whether their app uses security practices like data encryption, whether it follows Google Play’s Families policy for apps aimed at kids, whether users have a choice in data sharing, whether the app’s safety section had been verified by a third party, and if the app allowed users to request data deletion at the time of uninstall, among other things.
In the user interface concept Google debuted today, developers are now able to see how this feature will look to the end user.
Image Credits: Google
In the safety section, users will be able to see the developer’s explanation of what data the app collects followed by those other details, each with their own icon to serve as a visual indicator.
When users tap into the summary, they’ll be able to then see other details like what data is collected or shared — like location, contacts, personal information (e.g., name, email address), financial information and more.
They’ll also be able to see how the data is used — for app functionality, personalization, etc. — and whether data collection is optional.
Image Credits: Google
Google says it wants to give developers plenty of time to prepare for these Play Store changes which is why it’s now sharing more information about the data type definitions, user journey and policy requirements of the new feature.
Image Credits: Google
In October 2021, developers will be able to submit their information in the Google Play Console for review, ahead of the planned launch of the safety section in Google Play, which is scheduled for the first quarter of 2022.
The company also notes it’s offering some buffer time after the section’s launch before apps must have their safety section approved by Google. However, the company says apps will have to be approved by Q2 2022 or risk having their app submissions or app updates rejected. And if an app doesn’t provide an approved safety section, the app will say “No information available.”
The change will help to highlight how many active developers are present on Google Play, as those will be the ones who will adopt the new policy and showcase how their apps collect and use data.
The question that remains is how stringent Google will be about enforcing its new guidelines and how carefully apps will be reviewed. One interesting note here is that conscientious developers will be able to submit their safety section for a third-party review and then be able to promote that to users concerned app data privacy and security.
This could help to address some potential criticism that these safety sections aren’t factual. That’s been a problem for Apple since the launch of its App Store privacy labels, in fact. The Washington Post discovered that a number of apps were displaying false information, making them less helpful to the users whose data they aimed to protect.
When reached for comment, however, Google declined to share more details about how the third-party verification process will work.
Following last fall’s debut of Google TV, the new user interface for Chromecast devices, Google is today giving its Google TV companion app for Android a makeover. The updated version of the mobile app for Google TV includes an updated user interface, expanded set recommendations, and more TV and movies to watch.
The app in earlier days was known as “Google Play Movies & TV” (whew!) but rebranded to just “Google TV” alongside the changes that rolled out to Chromecast in September. Here, users can browse over 700,000 movie and TV episodes from across top streaming apps, find new things to watch, and rent or purchase movies and shows, including new releases.
Now, Google is updating the app’s look-and-feel with new 16:9 widescreen movie and show posters which it says will give the app a more “cinematic” look.
Image Credits: Google
In addition, it’s adding the Rotten Tomatoes scores directly under each poster to help users make decisions about what they want to watch next. You can also visit a movie or TV show’s details page and mark it as “watched” in order to improve the app’s recommendations. This will allow Google TV to make further recommendations based on your watch history, and could be helpful if you’re not a regular app user to start tailoring its suggestions to your interests. However, the feature won’t help you keep up with your progress in a show, as the Reelgood or TV Time apps allow for, as you can’t mark individual episodes as watched, only entire series.
The recommendations are another feature that’s been improved with the latest release to be more aligned with what you’d see with the TV experience. In addition to featuring more rows of personalized suggestions to browse through, the app’s recommendation system will now be based on what you’ve watched in the past, your interests from your Google account, and trending and popular content in your region. Trending recommendations are sourced from what’s popular or trending across Google products, what’s being mentioned across the web, as well as hand-picked selections from human editors. For instance, you could see recommendations that suggest “summer blockbusters,” or other timely suggestions.
Users will also now see new movie and how recommendations as new content is released from services they subscribe to.
Image Credits: Google
The app has also expanded its content lineup by adding new providers like Discovery+, Viki, Cartoon Network, PBS Kids, and Boomerang, as well as on-demand content from live TV services, including of course, YouTube TV, as well as Philo and fuboTV. These providers were previously unavailable for search and discovery inside the mobile app, following the platform update in the fall.
Google said during its I/O Developer conference in May that the Android TV OS had reached an install base of 80 million monthly active devices, but it didn’t break down how many consumers streamed on through the Roku and Fire TV rival, Google TV for Chromecast, which is powered by Android TV OS under-the-hood. Instead, Google combined that figure with the numerous Android TV OS-powered devices on the market that include those offered by other streaming device brand partners and TV service providers — meaning the number included operator-tier and set-top boxes, too, which is a different type of market.
The company said the new features are available now on the Google TV Android app in the U.S. but couldn’t offer a timeline for other platforms or an international expansion.
At its Game Developer Summit, Google today announced a new feature for Android game developers today that will speed up the time from starting a download in the Google Play store to the game launching by almost 2x — at least on Android 12 devices. The name of the new feature, ‘play as you download,’ pretty much gives away what this is all about. Even before all the game’s assets have been downloaded, players will be able to get going.
On average, modern games are likely the largest apps you’ll ever download and when that download takes a couple of minutes, you may have long moved on to the next TikTok session before the game is ever ready to play. With this new feature, Google promises that it’ll take only half the time to jump into a game that weighs in at 400MB or so. If you’re a console gamer, this whole concept will also feel familiar, given that Sony pretty much does the same thing for PlayStation games.
Now, this isn’t Google’s first attempt at making games load faster. With ‘Google Play Instant,’ the company already offers a related feature that allows gamers to immediately start a game from the Play Store. The idea there, though, is to completely do away with the install process and give potential players an opportunity to try out a new game right away.
Like Play Instant, the new ‘play as you download’ feature is powered by Google’s Android App Bundle format, which is, for the most part, replacing the old APK standard
Welcome back to This Week in Apps, the weekly TechCrunch series that recaps the latest in mobile OS news, mobile applications and the overall app economy.
The app industry continues to grow, with a record 218 billion downloads and $143 billion in global consumer spend in 2020. Consumers last year also spent 3.5 trillion minutes using apps on Android devices alone. And in the U.S., app usage surged ahead of the time spent watching live TV. Currently, the average American watches 3.7 hours of live TV per day, but now spends four hours per day on their mobile devices.
Apps aren’t just a way to pass idle hours — they’re also a big business. In 2019, mobile-first companies had a combined $544 billion valuation, 6.5x higher than those without a mobile focus. In 2020, investors poured $73 billion in capital into mobile companies — a figure that’s up 27% year-over-year.
This Week in Apps offers a way to keep up with this fast-moving industry in one place with the latest from the world of apps, including news, updates, startup fundings, mergers and acquisitions, and suggestions about new apps and games to try, too.
Android ad prices jump in wake of privacy updates on iOS
The Wall St. Journal reported this week how Apple’s privacy changes are changing the world of mobile advertising — in this case, ad pricing across platforms. The news outlet has been covering the broader impact of Apple’s decision to let users block apps from tracking them, noting how ad sales, including Facebook’s ad business, would be affected. (And how Apple’s own ad business would gain.)
This week, The WSJ says most users are declining tracking on iOS (less than 33% opt in), and as a result, mobile ad prices on iOS have fallen. The outlet cites data from ad measurement firm Tenjin which notes that spending on iOS mobile ads has dropped around one-third between June 1 and July 1. Around the same time, Android spending rose 10% — an indication that, for the time being, some portion of the ad market has just shifted platforms. Facebook ad spend also shifted to Android, with year-over-year growth of 46% for Android users in May to 64% in June.
The news follows a story this week from The FT, which noted that Chinese tech giants’ plan to route around the IDFA changes with CAID (the Chinese Advertising ID), had failed. Apple blocked updates to apps using CAID, which led to it losing support and the project’s failure.
For most app users, the ability to block tracking is a welcome change, as far too much user data had been shared behind-the-scenes without users’ informed consent. But the full impacts of how the update will impact app monetization long-term — and ultimately which companies then choose to build on iOS — still remain to be seen.
37 AGs target Google Play in an antitrust lawsuit
A group of 37 attorneys general filed a second major antitrust lawsuit against Google, accusing the company of using its market power to stifle competition. The suit takes aim at Google’s Play Store, which requires users to pay for apps and in-app purchases using Google’s own payments system — which gives Google a percentage of the revenue. In addition, the suit alleges that Google makes misleading security claims about the need for a walled garden app store like Google Play, in order to maintain its dominant position.
Google responded by calling the lawsuit “meritless” and noting that it ignores the openness of the Android platform, which permits other app stores and sideloading.
First Look: Pok Pok’s award-winning kids’ app Pok Pok Playroom shows off its sound design
Image Credits: Pok Pok
Recently launched Pok Pok Playroom from Pok Pok, a spinout from app maker Snowman (Alto’s Adventure, Alto’s Odyssey, Skate City), just took home an Apple Design Award in the “Delight and Fun” category for its app launched just months ago. Unlike other kids’ apps, Pok Pok promises an app that’s more of a digital “toy” that encourages real and imaginative play, not a mobile kids game. Now the company is sharing some of the techniques that helped it build this award-winning experience.
The company says it wanted to make sure there were no annoying sounds or repetitive music in the app that would bother parents or get stuck in kids’ heads. So it worked with its sound designer, Matt Miller, to ensure all the sounds in Pok Pok Playroom were sensory accessible and not overstimulating.
Miller often uses what he calls “found sounds” — that is, sounds he created by finding things to record — like a soup can, a vintage toy sourced from a local thrift shop, birds chirping, a spoon knocking on a pinecone and more. These give Pok Pok Playroom a more natural feel than other toys, which can sometimes feature loud or electronic-sounding noises that are overstimulating for kids and disruptive to those around them.
A new Comscore study offers a look at how much people use their preinstalled apps from Apple and Google. Not surprisingly, these built-in utilities and services — like email, notes, messaging, maps, photos, clocks and more — dominate people’s app usage. 75% of the top 20 most-used apps on iPhone were made by Apple, and 60% of the top Android apps were made by Google, but here’s the funny thing: The study was paid for by Facebook, a company that’s looking for any angle to make it seem like it’s not a monopoly. So of course it had to find the only other bigger apps it could — the ones that ship with your smartphone.
Image Credits: comscore
OnePlus confirmed it’s throttling a number of popular apps on the OnePlus 9 and OnePlus 9 Pro in order to improve battery life. Apps such as Chrome, Twitter, Zoom, WhatsApp, Facebook, Instagram, Snapchat, YouTube, Discord, Microsoft’s Office apps, Firefox and Samsung Internet, were affected. The issue was discovered due to inconsistent benchmarks in testing.
PayPal was the most downloaded P2P payments app globally during the first half of 2021, according to Apptopia. Rounding out the top 10 were Google Play, Alipay, PhonePe, Cash App, Paytm, Venmo, Zelle, Western Union and Remitly.
Personal finance app Charlie launched a redesign and a new feature called Direct Pay, which allows users to add their credit cards to the app to make extra payments toward their debt at their own pace. Or they can let the app recommend when it’s best to make payments toward their credit card debt. The company notes its users are now saving $66 monthly, which has added up to $30K+ of interest saved over the lifetime of their loans.
TikTok is piloting a new program that will allow U.S. users to apply for jobs using a TikTok video as a resume. Video applicants are asked to showcase their skillsets and experiences on video, then add #TikTokResumes to their caption. Pilot testers include a number of employers — like Chipotle, Target, WWE, Alo Yoga, Shopify, Contra, Movers + Shakers and others. The question is, will TikTokers feature these videos on the same account where they’ve posted personal content, dances and trends, or will this give way to a rise in Rinsta and Finsta-like TikTok accounts, where personal and more public content remains separated?
TikTok is also testing its own version of Cameo. The company was spotted testing a new feature that allows fans to pay for a shout-out video from their favorite creators directly in the app. According to screenshots of the feature, fans can request birthday wishes, pep talks and other messages, then pay using TikTok’s in-app currency.
TikTok launches Shoutouts – fans can request birthday wishes, pep talks and other messages from their favourite creators.
Twitter shared a few more ideas it’s thinking about in terms of new features around conversation health and privacy. This includes a one-stop “privacy check-in” feature that would introduce Twitter’s newer conversation controls options to users, and others that would allow people to be more private on the service, or to more easily navigate between public and private tweets or their various accounts.
TikTok on Tuesday experienced a widespread technical outage that lasted for over five hours before services were restored. U.S. users found that many videos were not loading during this time.
TikTok parent company ByteDance launched a new business arm called BytePlus, which will license the company’s various technologies to other businesses. This includes its AR effects, computer vision and machine translation tools, analytics and testing tools, and its recommendation engine that supports over 1.5 billion users. The company’s tools are being used by GOAT, Wego, Chilibeli, GamesApp, Webuy, Lark, and others, in addition to TikTok.
Trump has now sued Facebook, Twitter and Google for being “censored.” The companies enforced their terms of service in taking down Trump’s account across top social media platforms in the wake of the Jan. 6 attack on the Capitol. Trump’s lawsuit claims his First Amendment rights are being violated. The First Amendment applies to government censorship, not actions taken by businesses, however. Trump likely knows this but wanted to stir up some headlines.
Image Credits: Picsart
Popular photo-editing app PicsArt launched a brand refresh that includes a new name (Picsart), new logo, and a fresh new look across web and mobile, and more creator-friendly design flows. The app today has over 150 million monthly active users worldwide.
Everyone has thoughts on Instagram Head Adam Mosseri’s latest comments where he declared Instagram is “no longer” a photo-sharing app. His post was meant to alert users to upcoming tests that will see Instagram doing more experiments around how to better feature video in the app, but some are taking it as a sign that Instagram is more fully pivoting to a video-first experience.
Streaming & Entertainment
Reese Witherspoon’s media company, Hello Sunshine, is looking for an acquirer. The company has reportedly been in talks with multiple suitors, including Apple, The WSJ said. While the larger part of Hello Sunshine is it TV and movie film business, the company also operates the book club app, Reese’s Book Club, which serves as a place where many of the movie/TV deals are initially sourced.
More Spotify Premium users are reporting having gained access to the new feature, announced in May, that will allow them to download music to their Apple Watch so they can listen offline. The feature had been graduating rolling out, but appears to now be reaching a global audience.
Image Credits: Sensor Tower
Pokémon Go revenue from player spending has topped $5 billion as the game celebrates its five-year anniversary. According to Sensor Tower, the AR game now generates $1 billion on average per year, putting it at the op of the Geolocation AR category globally, ahead of others like Dragon Quest Walk and Square Enix.
The Alto’s Adventure series from Snowman is getting a new installment in the form of an upcoming Apple Arcade release called Alto’s Odyssey: The Lost City. The game is like a special edition of Alto’s Odyssey (the sequel to Alto’s Adventure), as it include extra features and content that’s deeply integrated, not just tacked on, including a new location called the Lost City. The game arrives on Apple Arcade on July 16th.
Health & Fitness
Amazon launched a new, employee-only app called Amazon WorkingWell for its health and wellness program that includes Associate-facing support, education and safety-prevention information across text content, videos, podcasts, and more.
Vaccine passport apps have hit 10 million global downloads, according to data from Apptopia. The firm analyzed the downloads for top apps including NHS, VeriFLY, NYS Excelsior, and CommonPass.
Image Credits: Apptopia
Government & Policy
Chinese ride-hailing giant Didi was pulled from several apps stores in China, including Apple’s App Store. According to Chinese regulators, the app was illegally collecting users’ personal info. Didi said it was making “corrections” and is halting new user sign-ups, but the app for existing users remained operational. China’s cybersecurity watchdog also suggested the company delay its IPO, and the app was removed from China’s WeChat and Alipay apps for new users.
Security & Privacy
9 Android apps with 5.8 million combined downloads were caught stealing users’ Facebook passwords. A security firm found apps offering photo editing, exercise, horoscopes and utilities that were tricking users into entering their Facebook credentials with the promise of removing ads from the app after signing into Facebook. Google has banned all the apps and their developers from the Play Store.
10 opioid addiction treatment apps were found sharing sensitive data with third parties, including a unique identifier on Android, unique device identifiers, phone numbers, and lists of installed apps. The apps have 180K combined downloads.
Google released its July 2021 security update for Pixel which patches a few “high”-priority (but not critical) vulnerabilities. The update is rolling out to a range of Pixel devices.
Funding and M&A (and a SPAC)
Publishing platform Hiber raised $15 million for its web platform that allows people to create user-generated games, similar to Roblox. The company also offers a creation app for Android devices and allows players to use Safari to create games on iOS.
Juni, a neobanking app for e-commerce and online marketing companies, raised $21.5 million in Series A funding. The round was co-led by DST Global and Felix Capital. The banking app has signed up 3,000 businesses on its waitlists, of which 200 have now joined.
Neighborhood social networking app Nextdoor said it’s going public via a SPAC. The company plans to merge with Khosla Ventures Acquisition Co. II, taking itself public at the same time. The transaction will value the business at approximately $4.3 billion, up from its 2019 valuation of $2.17 billion. The app has 27 million weekly active users across the U.S.
Pleo, a startup offering smart company cards for SMBs that automate expense reports, raised $150 million at a $1.7 billion valuation for its service that works across web and mobile.
Popshop Live raised $20 million in Series A funding at a $100 million valuation for its livestream shopping service, available on web and mobile. The round was led by Benchmark, and comes after 500% growth of the number of sellers on the platform in the last 3 months.
Live video shopping startup Talkshoplive raised $6 million in a seed extension round led by Raine Ventures. The company publishes an app that sellers can use with its live stream shopping platform.
Indian social commerce startup DealShare, which began as an e-commerce platform on WhatsApp, raised $144 million in Series D funding led by Tiger Global. The round values the company at $455 million post-money and will be used to help fund international expansion.
Indian edtech Teachmint raised $20 million in a “pre-Series B” round led by Learn Capital for its mobile-first, video-first tech platform.
European neobank Bunq, which offers a bank account you control from a mobile app, raised $228 million in Series A funding that values the business at $1.9 billion. The round was led by Pollen Street Capital and is the largest round for a European fintech.
Rec Room (Android launch)
Image Credits: Rec Room
Social gaming platform Rec Room, which recently became the first VR unicorn, has launched on the Google Play Store. The platform originally targeted only the VR market but expanded to other platforms as VR headset sales remained slow. Similar to Roblox and others, Rec Room allows players to dress up their avatars and play games built by other creators. To date, the app had been available on iOS, PlayStation 4 and 5; Xbox Series X and Xbox One, PC (via Steam), Oculus Quests and other VR headsets. It’s now live on Android to serve the larger global market.
OnMail (Android launch)
Image Credits: OnMail
Email service OnMail, which has previously been available on iOS, launched its app on the Google Play Store. The app aims to solve users’ biggest problems with email, including those with unwanted mail, email trackers, and more. As on iOS, OnMail lets you accept or reject senders before they hit your mailbox, blocks spy pixels, nudges you to follow up on emails, automatically organizes mail into smart folders (shopping, travel, packages, events), offers easy unsubscribe, monitors for refunds, checks grammar, makes it easier to send large attachments, and a lot more.
Image Credits: SwoonMe
A new startup called SwoonMe aims to fix the problem with superficial dating apps, where users primarily make decisions based on how someone looks in their photos. Instead, on SwoonMe, you take a selfie which the app converts into an avatar. This is what others will see when they come to your profile. You then record a voice clip to tell others about yourself and what you’re looking for in a partner. The result is that when people scroll through SwoonMe, they’re not making snap decisions based on what they’re seeing, but are rather making more thoughtful decisions based what they hear. When two people match, the app encourages them to continue to get to know each other using voice messages and soon, icebreaker games — not texting and photo-sharing. As they communicate, their avatar will slowly unveil their real photo.
Image Credits: Raise.com
A new app from gift card marketplace Raise.com, Slide, offers users 4% cash back on their purchases online and at over 150 popular stores, including Lowe’s, Petco, ULTA, Office Depot, Bed Bath & Beyond, Chipotle, Panera Bread, Chili’s, DoorDash, Domino’s, Aeropostale, Express, H&M, Foot Locker, Loft, REI, GameStop, AMC, Groupon, Southwest Airlines, Uber, AutoZone, and others. To use Slide and get 4% back, users open the app at checkout, choose their store, and enter their exact purchase amount. They’ll then show the barcode to the cashier, or if paying online, enter the code. The cash back can be transferred to Venmo or PayPal or saved for a future purchase.
A group of 37 attorneys general filed a second major multi-state antitrust lawsuit against Google Wednesday, accusing the company of abusing its market power to stifle competitors and forcing consumers into in-app payments that grant the company a hefty cut.
New York Attorney General Letitia James is co-leading the suit alongside with the Tennessee, North Carolina and Utah attorneys general. The bipartisan coalition represents 36 U.S. states, including California, Florida, Massachusetts, New Jersey, New Hampshire, Colorado and Washington, as well as the District of Columbia.
“Through its illegal conduct, the company has ensured that hundreds of millions of Android users turn to Google, and only Google, for the millions of applications they may choose to download to their phones and tablets,” James said in a press release. “Worse yet, Google is squeezing the lifeblood out of millions of small businesses that are only seeking to compete.”
In December, 35 states filed a separate antitrust suit against Google, alleging that the company engaged in illegal behavior to maintain a monopoly on the search business. The Justice Department filed its own antitrust case focused on search last October.
In the new lawsuit, embedded below, the bipartisan coalition of states allege that Google uses “misleading” security warnings to keep consumers and developers within its walled app garden, the Google Play store. But the fees that Google collects from Android app developers are likely the meat of the case.
“Not only has Google acted unlawfully to block potential rivals from competing with its Google Play Store, it has profited by improperly locking app developers and consumers into its own payment processing system and then charging high fees,” District of Columbia Attorney General Karl Racine said.
Like Apple, Google herds all app payment processing into its own service, Google Play Billing, and reaps the rewards: a 30 percent cut of all payments. Much of the criticism here is a case that could — and likely will — be made against Apple, which exerts even more control over its own app ecosystem. Google doesn’t have an iMessage equivalent exclusive app that keeps users locked in in quite the same way.
While the lawsuit discusses Google’s “monopoly power” in the app marketplace, the elephant in the room is Apple — Google’s thriving direct competitor in the mobile software space. The lawsuit argues that consumers face pressure to stay locked into the Android ecosystem, but on the Android side at least, much of that is ultimately familiarity and sunk costs. The argument on the Apple side of the equation here is likely much stronger.
The din over tech giants squeezing app developers with high mobile payment fees is just getting louder. The new multi-state lawsuit is the latest beat, but the topic has been white hot since Epic took Apple to court over its desire to bypass Apple’s fees by accepting mobile payments outside the App Store. When Epic set up a workaround, Apple kicked it out of the App Store and Epic Games v. Apple was born.
The Justice Department is reportedly already interested in Apple’s own app store practices, along with many state AGs who could launch a separate suit against the company at any time.
Several widely used opioid treatment recovery apps are accessing and sharing sensitive user data with third parties, a new investigation has found.
As a result of the COVID-19 pandemic and efforts to reduce transmission in the U.S, telehealth services and apps offering opioid addiction treatment have surged in popularity. This rise of app-based services comes as addiction treatment facilities face budget cuts and closures, which has seen both investor and government interest turn to telehealth as a tool to combat the growing addiction crisis.
While people accessing these services may have a reasonable expectation of privacy of their healthcare data, a new report from ExpressVPN’s Digital Security Lab, compiled in conjunction with the Opioid Policy Institute and the Defensive Lab Agency, found that some of these apps collect and share sensitive information with third parties, raising questions about their privacy and security practices.
The report studied 10 opioid treatment apps available on Android: Bicycle Health, Boulder Care, Confidant Health. DynamiCare Health, Kaden Health, Loosid, Pear Reset-O, PursueCare, Sober Grid, and Workit Health. These apps have been installed at least 180,000 times, and have received more than $300 million in funding from investment groups and the federal government.
Despite the vast reach and sensitive nature of these services, the research found that the majority of the apps accessed unique identifiers about the user’s device and, in some cases, shared that data with third parties.
Of the 10 apps studied, seven access the Android Advertising ID (AAID), a user-generated identifier that can be linked to other information to provide insights into identifiable individuals. Five of the apps also access the devices’ phone number; three access the device’s unique IMEI and IMSI numbers, which can also be used to uniquely identify a person’s device; and two access a users’ list of installed apps, which the researchers say can be used to build a “fingerprint” of a user to track their activities.
Many of the apps examined are also obtaining location information in some form, which when correlated with these unique identifiers, strengthens the capability for surveilling an individual person, as well as their daily habits, behaviors, and who they interact with. One of the methods the apps are doing this is through Bluetooth; seven of the apps request permission to make Bluetooth connections, which the researchers say is particularly worrying due to the fact this can be used to track users in real-world locations.
“Bluetooth can do what I call proximity tracking, so if you’re in the grocery store, it knows how long you’re in a certain aisle, or how close you are to someone else,” Sean O’Brien, principal researcher at ExpressVPN’s Digital Security Lab who led the investigation, told TechCrunch. “Bluetooth is an area that I’m pretty concerned about.”
Another major area of concern is the use of tracker SDKs in these apps, which O’Brien previously warned about in a recent investigation that revealed that hundreds of Android apps were sending granular user location data to X-Mode, a data broker known to sell location data to U.S. military contractors, and now banned from both Apple and Google’s app stores. SDKs, or software development kits, are bundles of code that are included with apps to make them work properly, such as collecting location data. Often, SDKs are provided for free in exchange for sending back the data that the apps collect.
“Confidentiality continues to be one of the major concerns that people cite for not entering treatment… existing privacy laws are totally not up to speed.” Jacqueline Seitz, Legal Action Center
While the researchers keen to point out that it does not categorize all usage of trackers as malicious, particularly as many developers may not even be aware of their existence within their apps, they discovered a high prevalence of tracker SDKs in seven out of the 10 apps that revealed potential data-sharing activity. Some SDKs are designed specifically to collect and aggregate user data; this is true even where the SDK’s core functionality is concerned.
But the researchers explain that an app, which provides navigation to a recovery center, for example, may also be tracking a user’s movements throughout the day and sending that data back to the app’s developers and third parties.
In the case of Kaden Health, Stripe — which is used for payment services within the app — can read the list of installed apps on a user’s phone, their location, phone number, and carrier name, as well as their AAID, IP address, IMEI, IMSI, and SIM serial number.
“An entity as large as Stripe having an app share that information directly is pretty alarming. It’s worrisome to me because I know that information could be very useful for law enforcement,” O’Brien tells TechCrunch. “I also worry that people having information about who has been in treatment will eventually make its way into decisions about health insurance and people getting jobs.”
The data-sharing practices of these apps are likely a consequence of these services being developed in an environment of unclear U.S. federal guidance regarding the handling and disclosure of patient information, the researchers say, though O’Brien tells TechCrunch that the actions could be in breach of 42 CFR Part 2, a law that outlines strong controls over disclosure of patient information related to treatment for addiction.
Jacqueline Seitz, a senior staff attorney for health privacy at Legal Action Center, however, said this 40-year-old law hasn’t yet been updated to recognize apps.
“Confidentiality continues to be one of the major concerns that people cite for not entering treatment,” Seitz told TechCrunch. “While 42 CFR Part 2 recognizes the very sensitive nature of substance use disorder treatment, it doesn’t mention apps at all. Existing privacy laws are totally not up to speed.
“It would be great to see some leadership from the tech community to establish some basic standards and recognize that they’re collecting super-sensitive information so that patients aren’t left in the middle of a health crisis trying to navigate privacy policies,” said Seitz.
Another likely reason for these practices is a lack of security and data privacy staff, according to Jonathan Stoltman, director at Opioid Policy Institute, which contributed to the research. “If you look at a hospital’s website, you’ll see a chief information officer, a chief privacy officer, or a chief security officer that’s in charge of physical security and data security,” he tells TechCrunch. “None of these startups have that.”
“There’s no way you’re thinking about privacy if you’re collecting the AAID, and almost all of these apps are doing that from the get-go,” Stoltman added.
Google is aware of ExpressVPN’s findings but has yet to comment. However, the report has been released as the tech giant prepares to start limiting developer access to the Android Advertising ID, mirroring Apple’s recent efforts to enable users to opt out of ad tracking.
While ExpressVPN is keen to make patients aware that these apps may violate expectations of privacy, it also stresses the central role that addiction treatment and recovery apps may play in the lives of those with opioid addiction. It recommends that if you or a family member used one of these services and find the disclosure of this data to be problematic, contact the Office of Civil Rights through Health and Human Services to file a formal complaint.
“The bottom line is this is a general problem with the app economy, and we’re watching telehealth become part of that, so we need to be very careful and cautious,” said O’Brien. “There needs to be disclosure, users need to be aware, and they need to demand better.”
Recovery from addiction is possible. For help, please call the free and confidential treatment referral hotline (1-800-662-HELP) or visit findtreatment.gov.
Google has given the boot to nine Android apps downloaded more than 5.8 million times from the company’s Play marketplace after researchers said these apps used a sneaky way to steal users’ Facebook login credentials.
In a bid to win users’ trust and lower their guard, the apps provided fully functioning services for photo editing and framing, exercise and training, horoscopes, and removal of junk files from Android devices, according to a post published by security firm Dr. Web. All of the identified apps offered users an option to disable in-app ads by logging into their Facebook accounts. Users who chose the option saw a genuine Facebook login form containing fields for entering usernames and passwords.
Consumer spending in mobile apps hit a record $64.9 billion during the first half of 2021, according to preliminary data from app store intelligence firm Sensor Tower. This figure represents a 24.8% increase in spending seen across both the App Store and Google Play, compared with the year-ago period. But while industry experts believe the accelerated shift to mobile fueled by the pandemic is a trend that will continue, it’s worth noting that — despite the new record — the growth rate for consumer spending has slightly slowed, and the download growth slowed more dramatically.
From the first half of 2019 to the first half of 2020, consumer spending on mobile apps grew 28.4% from $40.5 billion to $52 billion, for comparison — slower than the 24.8% seen in the current period.
Image Credits: Sensor Tower
Apple’s App Store accounted for $41.5 billion in global consumer spending during the first half of 2021, or 1.8x the $23.4 billion seen by Google Play.
However, Google Play continues to outpace on growth, having jumped 30% from the $18 billion in the first half of 2020 compared with the 22.1% growth from the $34 billion the App Store had seen. This is due, in part, to demand from markets like the Philippines, where the Covid-19 pandemic has forced business closures and quarantines, Sensor Tower noted.
Consumer spend outside of games was driven by sports, finance, business, book and entertainment apps. Subscription-based apps in the top 100 apps (excluding games) were a large part of this spend, too, contributing $8.3 billion during the period. TikTok remained a top grossing app during the first half of 2021, followed by YouTube and regular top earner Tinder.
Image Credits: Sensor Tower
Of course, mobile game spending continues to contribute to the largest part of the overall consumer spend, reaching $44.7 billion during the first half of the year. The App Store accounted for $26 billion of that figure, but growth slowed from 26.5% in the year-ago period to 13.5% from the first half of 2020 to the first half of 2021.
Image Credits: Sensor Tower
Top grossing games in the first half of 2021 were, in order, Tencent’s Honor of Kings ($15B+), PUBG Mobile (including its localized version for China, reached nearly $1.5B), Genshin Impact ($848M+), Roblox and Coin Master.
Mobile app download growth also significantly slowed in the first half of this year, the firm found.
Last year, the Covid-19 pandemic contributed to a surge of new mobile app installs around the world, as consumer looked to apps for work, school, shopping, heath, grocery, and more. During the first half of 2020, app installs had jumped 25.7% year-over-year to reach 71.3 billion downloads. But in the first half of 2021, downloads only grew 1.7% to reach 72.5 billion installs.
The App Store even saw a year-over-year decline in non-game installs in the first half of 2021, dropping 10.9% to 16.3 billion from 18.3 billion in the first half of 2020. Sensor Tower believes this is reflective of the increased competition for consumer attention in markets with a high number of iOS users, like the U.S., where businesses have been reopening and in-person activities are resuming.
Meanwhile, Google Play (non-game) installs climbed 6% in the first half of this year to 56.2 billion from the 53 billion in the first half of 2020. This could be tied to the demand for apps in markets where Android is dominant, like India, which has continued to be impacted by the pandemic. As a result, app adoption on Google Play was 3.5 times higher than on the App Store during the first half of 2021.
Image Credits: Sensor Tower
The (non-game) app with the most downloads was TikTok, which gained 384.6 million new installs during the first half of this year. But this is down by around 38% from the 619 million installs it saw during the year-ago period — a change that can be attributed to its ban from the Indian market last year. The rest of the top 5 most-downloaded app chart was dominated by Facebook, which scored the No. 2, No. 3, and No 4 positions, with Facebook, Instagram and WhatsApp, respectively. Telegram was No. 5 followed by Messenger, Zoom, Snapchat, CapCut and Google Meet.
Mobile game downloads, meanwhile, fell 22.8% to 4.4 billion on the App Store but grew 3.9% on Google Play to 23.7 billion in the first half of 2021.
The app data presented is a preliminary analysis that may become more precise over time. It’s also worth comparing it to related reports from other firms for a fuller picture.
Apparently following the lead of Apple and Google, Amazon has announced that it will take a smaller revenue cut from apps developed by teams earning less than $1 million annually from their apps on the Amazon Appstore. The same applies to developers who are brand-new to the marketplace.
The new program from Amazon, called the Amazon Appstore Small Business Accelerator Program, launches in Q4 of this year, and it will reduce the cut Amazon takes from app revenue, which was previously 30 percent. (Developers making over $1 million annually will continue to pay the original rate.) For some, it’s a slightly worse deal than Apple’s or Google’s, and for others, it’s better.
Amazon’s new indie-friendly rate is 20 percent, in contrast to Apple’s and Google’s 15 percent. Amazon seeks to offset this difference by granting developers 10 percent of their Appstore revenue in the form of a credit for AWS. For certain developers who use AWS, it could mean that Amazon’s effective cut is actually 10 percent, not 15 or 20 percent.
Until recently, Google’s namesake Android app, which more than five billion installs to date, had a vulnerability that could have allowed an attacker to quietly steal personal data from a victim’s device.
Sergey Toshin, founder of mobile app security startup Oversecured, said in a blog post that the vulnerability has to do with how the Google app relies on code that is not bundled with the app itself. Many Android apps, including the Google app, reduce their download size and the storage space needed to run by relying on code libraries that are already installed on Android phones.
But the flaw in the Google app’s code meant it could be tricked into pulling a code library from a malicious app on the same device instead of the legitimate code library, allowing the malicious app to inherit the Google app’s permissions and granting it near-complete access to a user’s data. That access includes access to a user’s Google accounts, search history, email, text messages, contacts and call history, as well as being able to trigger the microphone and camera, and access the user’s location.
The malicious app would have to be launched once for the attack to work, Toshin said, but that the attack happens without the victim’s knowledge or consent. Deleting the malicious app would not remove the malicious components from the Google app, he said.
A Google spokesperson told TechCrunch that the company fixed the vulnerability last month and it had no evidence that the flaw has been exploited by attackers. Android’s in-built malware scanner, Google Play Protect, is meant to stop malicious apps from installing. But no security feature is perfect, and malicious apps have slipped through its net before.
Toshin said the Google app vulnerability is similar to another bug discovered by the startup in TikTok earlier this year, which if exploited could have allowed an attacker to steal a TikTok user’s session tokens to take control of their account.
Android shared information today about six features that will roll out this summer. Some of these are just quality of life upgrades, like starring text messages to easily find them later, or getting contextual Emoji Kitchen suggestions depending on what you’re typing. But other aspects of this update emphasize security, safety, and accessibility.
Last summer, Google added a feature on Android that basically uses your phone as a seismometer to create “the world’s largest earthquake detection network.” The system is free, and since testing in California, it’s also launched in New Zealand and Greece. Now, Google will introduce this feature in Turkey, the Philippines, Kazakhstan, Kyrgyz Republic, Tajikistan, Turkmenistan and Uzbekistan. The company says that they’ll continue expanding the feature this year, prioritizing countries with the highest earthquake risk.
Image Credits: Google
Google is also expanding on another feature released last year, which made Google Assistant compatible with Android apps. In the initial update, apps were supported like Spotify, Snapchat, Twitter, Walmart, Discord, Etsy, MyFitnessPal, Mint, Nike Adapt, Nike Run Club, eBay, Kroger, Postmates, and Wayfair. Today’s update mentioned apps like eBay, Yahoo! Finance, Strava, and Capital One. These features are comparable to Apple’s support of Siri with iOS apps, which includes the ability to open apps, perform tasks, and record a custom command.
When it comes to accessibility, Google is ramping up its gaze detection feature, which is now in beta. Gaze detection allows people to ask Voice Access to only respond when they’re looking at their screen, allowing people to naturally move between talking with friends and using their phone. Now, Voice Access will also have enhanced password input — when it detects a password field, it will allow you to input letters, numbers, and symbols by saying “capital P” or “dollar sign,” for example, making it easier for users to more quickly enter this sensitive information. In October, Google Assistant became available on gaze-powered accessible devices, and in the same month, Google researchers debuted a demo that made it so people using sign language could be identified as the “active speaker” in video calls. Apple doesn’t have a comparable gaze detection feature yet that’s widely available, though they acquired SensoMotoric Instruments (SMI), an eye-tracking firm, in 2017. So, hopefully similar accessibility features will be in the works at Apple, especially as Google continues to build out theirs.
Today’s Android update also lets Android Auto users customize more of their experience. Now, you can set your launcher screen from your phone, set dark mode manually, and more easily browse content on media apps with an A-Z scroll bar and “back to top” button. Messaging apps like WhatsApp and Messages will now be compatible on the launch screen – proceed with caution and don’t drive distracted – and EV charging, parking, and navigation apps will now be available for use.