Category Archives: Android Developers Blog

An Open Handset Alliance Project

Grow your indie game with Google Play

Posted by Patricia Correa, Director, Platforms & Ecosystems Developer Marketing

Google Play empowers game developers of all sizes to engage and delight people everywhere, and build successful businesses too. We are inspired by the passion and creativity we see from the indie games community, and, over the past few years, we've invested in and nurtured indie games developers around the world, helping them express their unique voice and bring ideas to life.

This year, we've put together several initiatives to help the indie community.

Indie Games Showcase

For indie developers who are constantly pushing the boundaries of storytelling, visual excellence, and creativity in mobile we are announcing today the Indie Games Showcase, an international competition for games studios from Europe*, South Korea and Japan. Those of you who meet the eligibility criteria (as outlined below) can enter your game for a chance to win several prizes, including:

  • A paid trip and accommodation to the final event in your region to showcase your game.
  • Promotion on the Google Play Store.
  • Promotion on Android and Google Play marketing channels.
  • Dedicated consultations with the Google Play team.
  • Google hardware.
  • And more...

How to enter the competition

If you're over 18 years old, based in one of the eligible countries, have 30 or less full time employees, and have published a new game on Google Play after 1 January 2018, you can enter your game. If you're planning on publishing a new game soon, you can also enter by submitting a private beta. Submissions close on May 6 2019. Check out all the details in the terms and conditions for each region. Enter now!

Indie Games Accelerator

Last year we launched our first games accelerator for developers in Southeast Asia, India and Pakistan and saw great results. We are happy to announce that we are expanding the format to accept developers from select countries in the Middle East, Africa, and Latin America, with applications for the 2019 cohort opening soon. The Indie Games Accelerator is a 6 month intensive program for top games startups, powered by mentors from the gaming industry as well as Google experts, offering a comprehensive curriculum that covers all aspects of building a great game and company.

Mobile Developer Day at GDC

We will be hosting our annual Developer Day at the Game Developers Conference in San Francisco on Monday, March 18th. Join us for a full day of sessions covering tools and best practices to help build a successful mobile games business. We'll focus on game quality, effective monetization and growth strategies, and how to create, connect, and scale with Google. Sign up to stay up to date or join us via livestream.

Developer Days

We also want to engage with you in person with a series of events. We will be announcing them shortly, so please make sure to sign up to our newsletter to get notified about events and programs for indie developers.

Academy for App Success

Looking for tips on how to use various developer tools in the Play Console? Get free training through our e-learning program, the Academy for App Success. We even have a custom Play Console for game developers course to get a jump start on Google Play.

We look forward to seeing your amazing work and sharing your creativity with other developers, gamers and industry experts around the world. And don't forget to submit your game for a chance to get featured on Indie Corner on Google Play.

* The competition is open to developers from the following European countries: Austria, Belgium, Belarus, Czech Republic, Denmark, Finland, France, Germany, Israel, Italy, Netherlands, Norway, Poland, Romania, Russia, Slovakia, Spain, Sweden, Ukraine, and the United Kingdom (including Northern Ireland).


How useful did you find this blog post?

Supplement your earnings with rewarded products

Posted by Patrick Davis, Product Manager, Google Play

Developers are increasingly using multiple methods to monetize their apps and games. One trend has been to reward users for a monetizable action, like watching a video, with in-game currency or other benefits. This gives users more choice in how they experience the app or game, and has been an effective way to monetize non-paying users.

To support this monetization method, Google Play is excited to announce rewarded products, a new product type now available in open beta in the Play Console.

Rewarded products make it easy for Google Play developers to increase their monetized user base. Our first rewarded product offering will be in a video format. Users can elect to watch a video advertisement and upon completion be rewarded with virtual goods or in-game currency. In the example below, the user selects "watch ad", views the video, and then is granted 100 coins.

Rewarded products can be added to any app using the Google Play Billing Library or AIDL interface with only a few additional API calls. No extra SDK integration is required. This significantly reduces the work required to implement compared to other offerings. Rewarded products are powered by AdMob technology to give access to the broad range of content from advertisers currently working with Google.

Get started with rewarded products.

For developers interested in best practices on how to diversify revenue and how rewarded products fit in, please visit us at Google's Mobile Developer day at GDC or watch via the livestream.

How useful did you find this blog post?

Android Jetpack WorkManager Stable Release

Posted by Sumir Kataria, Software Engineering Lead & Jisha Abubaker, Product Manager

Simplify how you manage background work with WorkManager

Today, we're happy to announce the release of Android Jetpack WorkManager 1.0 Stable. We want to thank so many of you in our dev community who have given us feedback and logged bugs along the way - we've gotten here thanks to your help!

When we looked at the top problems faced by developers, we saw that doing background processing reliably and in a battery-friendly manner was a huge challenge. This meant that periodically fetching fresh content or uploading your logs was complex. Different versions of Android provided different tools for the job, each with their own API quirks. For example, listening for network or storage availability and automatically retrying your tasks involved a lot of work.

Our answer to these challenges was WorkManager. We introduced a preview of the Android Jetpack WorkManager library at Google I/O 2018 and have since iterated on it with additional features and bug fixes thanks to your valuable input.

The goal of WorkManager is to make background operations easy for you. WorkManager takes into account constraints like battery-optimization, storage, or network availability, and it only runs its tasks when the appropriate conditions are met. It also knows when to retry or reschedule your work--even if your device or app restarts.

We believe WorkManager is a friendly, approachable API that can take care of one of the most complex parts of Android for you so you can focus on the code that makes your app unique.

WorkManager Highlights

Here are some key features of WorkManager:

  • Lets you set constraints, such as network status or charge state, on when the task runs
  • Supports asynchronous one-off and periodic tasks
  • Supports chained tasks with input & output
  • Ensures task execution, even if the app or device restarts
  • Supports Android 4.0+ (API 14+)

Watch and read below to learn when and how to use WorkManager to simplify managing background work in your apps:

When to use WorkManager

WorkManager is best suited for tasks that can be deferred, but are still expected to run even if the application or device restarts (for example, syncing data periodically with a backend service and uploading logs or analytics data).

For tasks like sending an instant message that are required to run immediately or for tasks that are not required to run after the app exits, take a look at our background processing guide to learn which solution meets your needs.

How to use WorkManager

To get started with the WorkManager API, add the WorkManager dependency available on Google's Maven repository in Java or Kotlin to your application's build.gradle file: 

dependencies {
    def work_version = 1.0.0

    // Java
    implementation "android.arch.work:work-runtime:$work_version"

    // Kotlin KTX + coroutines
    implementation "android.arch.work:work-runtime-ktx:$work_version"
  }

Now, simply subclass a Worker and implement your background work with doWork() and enqueue it with WorkManager. 

class MyWorker(ctx: Context, params: WorkerParameters)
  : Worker(ctx, params) {
  override fun WorkerResult doWork() {
    //do the work you want done in the background here
    return Result.success()
  }
}

// optionally, add constraints like power, network availability
val constraints: Constraints = Constraints.Builder()
     .setRequiresCharging(true)
                .setRequiredNetworkType(NetworkType.CONNECTED)
                .build()

val myWork = OneTimeWorkRequestBuilder<MyWorker>()
                .setConstraints(constraints).build()

// Now, enqueue your work
WorkManager.getInstance().enqueue(myWork)

WorkManager will now take care of running your task when it detects that your device is charging and the network is available.

Why use WorkManager

Backward compatibility

WorkManager will leverage the right scheduling API under the hood: it uses JobScheduler API on Android 6.0+ (API 23+) and a combination of AlarmManager and BroadcastReceiver on previous versions.

It also seeks to ensure the best possible behavior so that it complies with system optimizations introduced in newer Android API versions to maximize battery and enforce good app behavior.

For example, WorkManager will schedule background work during the maintenance window for Android 6.0+ (API 23+) devices when the system is in Doze mode.

Reliable scheduling

With WorkManager, you can easily add constraints like network availability or charging status. Your work will run when the constraints are met and automatically retried if they fail while running. For example, if your task requires network to be available, the task will be stopped when network is no longer available and retried later.

You can also monitor work status and retrieve work result using LiveData. This allows your UI to be notified when your task is completed.

In the event that your work fails, you can control how your work is retried by configuring how backoff is handled.

WorkManager is also able to reschedule your work, using a record of your work in its local database, if an application or device restart occurs.

Control over how your work is run

We understand that each app has unique needs, and so do your tasks--even within the same app. WorkManager provides a simple yet highly flexible API surface to help configure your work and how it is run.

Take advantage of one-off scheduling with OneTimeWorkRequest or recurrent scheduling with PeriodicWorkRequest.

You can also chain your one time work requests to run in order or in parallel. If any work in the chain fails, WorkManager seeks to ensure that the remaining chain of work will not run. Read more about chaining work requests here.

If you require more flexibility over how WorkManager parallelizes and manages work, check out our advanced threading guide.

What developers have to say

redBus, the largest online bus ticketing platform, shares their experience using WorkManager to simplify how they collect user feedback in their Android app:

"Feedback is critical to redBus as we expand into other countries. It often happens that a user gives critical feedback about a functionality within the redBus app but when the app tries to upload the feedback to backend servers, there might not be enough network coverage or battery.
WorkManager has simplified the way redBus app delivers information to it's backend servers. WorkManager library's capability to handle parameters like network connectivity, battery and use appropriate handlers like AlarmManager or JobScheduler has enabled us to concentrate on building business logics and offloading execution complexity to WorkManager."

- Dinesh Shanmugam

Android Lead, redBus.in

Get started with WorkManager

Check out our getting started guide and hands-on codelab to start using the WorkManager library for your background task needs.

We appreciate your feedback, including features you like and features you would like to see.

If you find a bug or issue, feel free to file an issue.

Android Security Improvement update: Helping developers harden their apps, one thwarted vulnerability at a time

Posted by Patrick Mutchler and Meghan Kelly, Android Security & Privacy Team

Helping Android app developers build secure apps, free of known vulnerabilities, means helping the overall ecosystem thrive. This is why we launched the Application Security Improvement Program five years ago, and why we're still so invested in its success today.

What the Android Security Improvement Program does

When an app is submitted to the Google Play store, we scan it to determine if a variety of vulnerabilities are present. If we find something concerning, we flag it to the developer and then help them to remedy the situation.

Think of it like a routine physical. If there are no problems, the app runs through our normal tests and continues on the process to being published in the Play Store. If there is a problem, however, we provide a diagnosis and next steps to get back to healthy form.

Over its lifetime, the program has helped more than 300,000 developers to fix more than 1,000,000 apps on Google Play. In 2018 alone, the program helped over 30,000 developers fix over 75,000 apps. The downstream effect means that those 75,000 vulnerable apps are not distributed to users with the same security issues present, which we consider a win.

What vulnerabilities are covered

The App Security Improvement program covers a broad range of security issues in Android apps. These can be as specific as security issues in certain versions of popular libraries (ex: CVE-2015-5256) and as broad as unsafe TLS/SSL certificate validation.

We are continuously improving this program's capabilities by improving the existing checks and launching checks for more classes of security vulnerability. In 2018, we deployed warnings for six additional security vulnerability classes including:

  1. SQL Injection
  2. File-based Cross-Site Scripting
  3. Cross-App Scripting
  4. Leaked Third-Party Credentials
  5. Scheme Hijacking
  6. JavaScript Interface Injection

Ensuring that we're continuing to evolve the program as new exploits emerge is a top priority for us. We are continuing to work on this throughout 2019.

Keeping Android users safe is important to Google. We know that app security is often tricky and that developers can make mistakes. We hope to see this program grow in the years to come, helping developers worldwide build apps users can truly trust.

Google Play Protect in 2018: New updates to keep Android users secure

Posted by Rahul Mishra and Tom Watkins, Android Security & Privacy Team

In 2018, Google Play Protect made Android devices running Google Play some of the most secure smartphones available, scanning over 50 billion apps everyday for harmful behaviour.

Android devices can genuinely improve people's lives through our accessibility features, Google Assistant, digital wellbeing, Family Link, and more — but we can only do this if they are safe and secure enough to earn users' long term trust. This is Google Play Protect's charter and we're encouraged by this past year's advancements.

Google Play Protect, a refresher

Google Play Protect is the technology we use to ensure that any device shipping with the Google Play Store is secured against potentially harmful applications (PHA). It is made up of a giant backend scanning engine to aid our analysts in sourcing and vetting applications made available on the Play Store, and built-in protection that scans apps on users' devices, immobilizing PHA and warning users.

This technology protects over 2 billion devices in the Android ecosystem every day.

What's new

On by default

We strongly believe that security should be a built-in feature of every device, not something a user needs to find and enable. When security features function at their best, most users do not need to be aware of them. To this end, we are pleased to announce that Google Play Protect is now enabled by default to secure all new devices, right out of the box. The user is notified that Google Play Protect is running, and has the option to turn it off whenever desired.

New and rare apps

Android is deployed in many diverse ways across many different users. We know that the ecosystem would not be as powerful and vibrant as it is today without an equally diverse array of apps to choose from. But installing new apps, especially from unknown sources, can carry risk.

Last year we launched a new feature that notifies users when they are installing new or rare apps that are rarely installed in the ecosystem. In these scenarios, the feature shows a warning, giving users pause to consider whether they want to trust this app, and advising them to take additional care and check the source of installation. Once Google has fully analyzed the app and determined that it is not harmful, the notification will no longer display. In 2018, this warning showed around 100,000 times per day

Context is everything: warning users on launch

It's easy to misunderstand alerts when presented out of context. We're trained to click through notifications without reading them and get back to what we were doing as quickly as possible. We know that providing timely and context-sensitive alerts to users is critical for them to be of value. We recently enabled a security feature first introduced in Android Oreo which warns users when they are about to launch a potentially harmful app on their device.

This new warning dialog provides in-context information about which app the user is about to launch, why we think it may be harmful and what might happen if they open the app. We also provide clear guidance on what to do next. These in-context dialogs ensure users are protected even if they accidentally missed an alert.

Auto-disabling apps

Google Play Protect has long been able to disable the most harmful categories of apps on users devices automatically, providing robust protection where we believe harm will be done.

In 2018, we extended this coverage to apps installed from Play that were later found to have violated Google Play's policies, e.g. on privacy, deceptive behavior or content. These apps have been suspended and removed from the Google Play Store.

This does not remove the app from user device, but it does notify the user and prevents them from opening the app accidentally. The notification gives the option to remove the app entirely.

Keeping the Android ecosystem secure is no easy task, but we firmly believe that Google Play Protect is an important security layer that's used to protect users devices and their data while maintaining the freedom, diversity and openness that makes Android, well, Android.

Acknowledgements: This post leveraged contributions from Meghan Kelly and William Luh.

Expanding target API level requirements in 2019

Posted by Edward Cunningham, Android Security & Privacy Team

In a previous blog we described how API behavior changes advance the security and privacy protections of Android, and include user experience improvements that prevent apps from accidentally overusing resources like battery and memory.

Since November 2018, all app updates on Google Play have been required to target API level 26 (Android 8.0) or higher. Thanks to the efforts of thousands of app developers, Android users now enjoy more apps using modern APIs than ever before, bringing significant security and privacy benefits. For example, during 2018 over 150,000 apps added support for runtime permissions, giving users granular control over the data they share.

Today we're providing more information about the Google Play requirements for 2019, and announcing some changes that affect apps distributed via other stores.

Google Play requirements for 2019

In order to provide users with the best Android experience possible, the Google Play Console will continue to require that apps target a recent API level:

  • August 2019: New apps are required to target API level 28 (Android 9) or higher.
  • November 2019: Updates to existing apps are required to target API level 28 or higher.

Existing apps that are not receiving updates are unaffected and can continue to be downloaded from the Play Store. Apps can still use any minSdkVersion, so there is no change to your ability to build apps for older Android versions.

For a list of changes introduced in Android 9 Pie, check out our page on behavior changes for apps targeting API level 28+.

Apps distributed via other stores

Targeting a recent API level is valuable regardless of how an app is distributed. In China, major app stores from Huawei, OPPO, Vivo, Xiaomi, Baidu, Alibaba, and Tencent will be requiring that apps target API level 26 (Android 8.0) or higher in 2019. We expect many others to introduce similar requirements – an important step to improve the security of the app ecosystem.

Over 95% of spyware we detect outside of the Play Store intentionally targets API level 22 or lower, avoiding runtime permissions even when installed on recent Android versions. To protect users from malware, and support this ecosystem initiative, Google Play Protect will warn users when they attempt to install APKs from any source that do not target a recent API level:

  • August 2019: New apps will receive warnings during installation if they do not target API level 26 or higher.
  • November 2019: New versions of existing apps will receive warnings during installation if they do not target API level 26 or higher.
  • 2020 onwards: The target API level requirement will advance annually.

These Play Protect warnings will show only if the app's targetSdkVersion is lower than the device API level. For example, a user with a device running Android 6.0 (Marshmallow) will be warned when installing any new APK that targets API level 22 or lower. Users with devices running Android 8.0 (Oreo) or higher will be warned when installing any new APK that targets API level 25 or lower.

Prior to August, Play Protect will start showing these warnings on devices with Developer options enabled to give advance notice to developers of apps outside of the Play Store. To ensure compatibility across all Android versions, developers should make sure that new versions of any apps target API level 26+.

Existing apps that have been released (via any distribution channel) and are not receiving updates will be unaffected – users will not be warned when installing them.

Getting started

For advice on how to change your app’s target API level, take a look at the migration guide and this talk from I/O 2018: Migrate your existing app to target Android Oreo and above.

We're extremely grateful to the Android developers worldwide who have already updated their apps to deliver security improvements for their users. We look forward to making great progress together in 2019.

How we fought bad apps and malicious developers in 2018

Posted by Andrew Ahn, Product Manager, Google Play

Google Play is committed to providing a secure and safe platform for billions of Android users on their journey discovering and experiencing the apps they love and enjoy. To deliver against this commitment, we worked last year to improve our abuse detection technologies and systems, and significantly increased our team of product managers, engineers, policy experts, and operations leaders to fight against bad actors.

In 2018, we introduced a series of new policies to protect users from new abuse trends, detected and removed malicious developers faster, and stopped more malicious apps from entering the Google Play Store than ever before. The number of rejected app submissions increased by more than 55 percent, and we increased app suspensions by more than 66 percent. These increases can be attributed to our continued efforts to tighten policies to reduce the number of harmful apps on the Play Store, as well as our investments in automated protections and human review processes that play critical roles in identifying and enforcing on bad apps.

In addition to identifying and stopping bad apps from entering the Play Store, our Google Play Protect system now scans over 50 billion apps on users' devices each day to make sure apps installed on the device aren't behaving in harmful ways. With such protection, apps from Google Play are eight times less likely to harm a user's device than Android apps from other sources.

Here are some areas we've been focusing on in the last year and that will continue to be a priority for us in 2019:

Protecting User Privacy

Protecting users' data and privacy is a critical factor in building user trust. We've long required developers to limit their device permission requests to what's necessary to provide the features of an app. Also, to help users understand how their data is being used, we've required developers to provide prominent disclosures about the collection and use of sensitive user data. Last year, we rejected or removed tens of thousands of apps that weren't in compliance with Play's policies related to user data and privacy.

In October 2018, we announced a new policy restricting the use of the SMS and Call Log permissions to a limited number of cases, such as where an app has been selected as the user's default app for making calls or sending text messages. We've recently started to remove apps from Google Play that violate this policy. We plan to introduce additional policies for device permissions and user data throughout 2019.

Developer integrity

We find that over 80% of severe policy violations are conducted by repeat offenders and abusive developer networks. When malicious developers are banned, they often create new accounts or buy developer accounts on the black market in order to come back to Google Play. We've further enhanced our clustering and account matching technologies, and by combining these technologies with the expertise of our human reviewers, we've made it more difficult for spammy developer networks to gain installs by blocking their apps from being published in the first place.

Harmful app contents and behaviors

As mentioned in last year's blog post, we fought against hundreds of thousands of impersonators, apps with inappropriate content, and Potentially Harmful Applications (PHAs). In a continued fight against these types of apps, not only do we apply advanced machine learning models to spot suspicious apps, we also conduct static and dynamic analyses, intelligently use user engagement and feedback data, and leverage skilled human reviews, which have helped in finding more bad apps with higher accuracy and efficiency.

Despite our enhanced and added layers of defense against bad apps, we know bad actors will continue to try to evade our systems by changing their tactics and cloaking bad behaviors. We will continue to enhance our capabilities to counter such adversarial behavior, and work relentlessly to provide our users with a secure and safe app store.

How useful did you find this blog post?

An Update on Android Things

Posted by Dave Smith, Developer Advocate for IoT

Over the past year, Google has worked closely with partners to create consumer products powered by Android Things with the Google Assistant built-in. Given the successes we have seen with our partners in smart speakers and smart displays, we are refocusing Android Things as a platform for OEM partners to build devices in those categories moving forward. Therefore, support for production System on Modules (SoMs) based on NXP, Qualcomm, and MediaTek hardware will not be made available through the public developer platform at this time.

Android Things continues to be a platform for experimenting with and building smart, connected devices using the Android Things SDK on top of popular hardware like the NXP i.MX7D and Raspberry Pi 3B. System images for these boards will remain available through the Android Things console where developers can create new builds and push app updates for up to 100 devices for non-commercial use.

We remain dedicated to providing a managed platform for IoT devices, including turnkey hardware solutions. For developers looking to commercialize IoT products in 2019, check out Cloud IoT Core for secure device connectivity at scale and the upcoming Cloud IoT Edge runtime for a suite of managed edge computing services. For on-device machine learning applications, stay tuned for more details about our Edge TPU development boards.

Google releases source code of Santa Tracker for Android 2018

Posted by Chris Banes, Chief Elf of Android Engineering

Today, we pushed the source code for Google's Santa Tracker 2018 Android app at google/santa-tracker-android, including its 17 mini-games, Santa tracking feature, Wear app and more!

Visually the app looks much the same this year, but underneath the hood the app has gone on a massive size reduction exercise to make the download from Google Play as small as possible. When a user downloads the app the initial download is now just 9.2MB, compared to last year's app which was 60MB. That's a 85% reduction! ?️

Android App Bundle

We achieved that reduction by migrating the app over to using an Android App Bundle. The main benefit is that Google Play can now serve dynamically optimized APKs to users' devices. Moreover, we were also able to separate out all of the games into their own dynamic feature modules, downloaded on demand. This is why you might have seen a progress bar when you first opened a game, we are actually downloading the game from Google Play before starting the game:

The progress bar shown while a game is fetched from Google Play

You can read more about our journey migrating over to App Bundle in a small blog series, starting with our 'Moving to Android App Bundle' post.

Gboard stickers

One of the new features we added this year was a Gboard sticker pack, allowing users to share stickers to their friends. You might even notice some of the characters from the games in the stickers!

'Santa Dunk' is one of the 20 available stickers

We use Firebase App Indexing to publish our stickers to the local index on the device, where the Gboard keyboard app picks them up, allowing the user to share them in apps. You can see the source code here.

The sticker pack being used in a very important conversation

Lots of code improvements

Aside from the things mentioned above, we've also completed a number of code health improvements. We have increased the minimum SDK version to Lollipop (21), migrated from the Support Library to AndroidX, reduced the file size of our game assets by switching to modern formats, and lots of other small improvements! Phew ?.

Go explore the code

If you're interested go checkout the code and let us know what you think. If you have any questions or issues, please let us know via the issue tracker.

Google Mobile Developer Day is coming to GDC 2019

Posted by Kacey Fahey, Developer Marketing, Google Play

We're excited to be part of the Game Developers Conference (GDC) 2019 in San Francisco. Join us on Monday, March 18th at the Google Mobile Developer Day, either in person or over live stream, for a full day of sessions covering tools and best practices to help build a successful mobile games business on Google Play. We'll focus on game quality, effective monetization and growth strategies, and how to create, connect, and scale with Google.

This year's sessions are focused on tips and tools to help your mobile game business succeed. Come hear our latest announcements and industry trends, as well as learnings from industry peers. We will hold a more technical session in the second half of the day, where we'll share ways to optimize your mobile game's performance for the best possible player experience.

Also, make sure to visit the Google booth from Wednesday March 20th until Friday March 22nd. Here, you will be able to interact with hands-on demos, attend talks in the theater, and get your questions answered by Google experts. We're bringing a big team and hope to see you there.

Learn more about Google's activities throughout the week of GDC and sign up to stay informed. For those who can't make it in person, join the live stream starting at 10am PST on Monday, March 18th. These events are part of the official Game Developers Conference and require a pass to attend.

How useful did you find this blog post?