Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Google Updates Target API Level Requirements for Android Apps

Google this week announced updated target level API requirements for Android applications in an attempt to improve the overall security of the ecosystem.

Google this week announced updated target level API requirements for Android applications in an attempt to improve the overall security of the ecosystem.

Per the updated requirements, all applications will have to target “an API level within two years of the latest major Android release” to remain discoverable for new users with devices running newer Android versions.

Basically, once the change enters into effect, users on the newest Android iterations will not be able to install older applications, which may lack some of the latest protections the mobile platform offers.

“Users with the latest devices or those who are fully caught up on Android updates expect to realize the full potential of all the privacy and security protections Android has to offer,” Google says.

Since new versions of Android are released each year, the internet giant will adjust the requirement window accordingly.

Most of the applications that are currently available in Google Play already meet these requirements, but there still are some apps that require attention, and this is why developers are being notified, Google explains.

The company also provides developers with the necessary resources to help them ensure their applications abide by the new standards, including a technical guide on migrating apps and a Help Center article on API level requirements.

[ READ: Google Details New Privacy and Security Policies for Android Apps ]

Furthermore, Google allows developers to request an optional six-month extension period if they feel they need more time to migrate their applications to a higher API level.

“Current users of older apps who have previously installed the app from Google Play will continue to be able to discover, re-install, and use the app on any device running any Android OS version that the app supports,” Google says.

In May 2022, an updated policy that will enter into effect will essentially prevent users from specific regions from accessing applications that display content deemed inappropriate for that region.

Another policy update that will enter into effect next month will prohibit “caste- and immigration-related hate speech.”

Additionally, Google is making some changes to its deceptive behavior policy regarding apps that offer oximeter functionality, and is updating the Accessibility policy to make it clear that the Accessibility API should not be requested for remote call audio recording.

Related: Google Introduces ‘Privacy Sandbox’ for ​​Ads on Android

Related: Android App Developers Required by Google to Share More Info on Data Handling

Related: 44 Vulnerabilities Patched in Android With April 2022 Security Updates

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Application Security

While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...