earlier this year Google declared war on the abuse that some developers were making permissions very sensitive as the access to the calls and SMS, removing the Play Store for apps that abuse of such permits.
Some of the applications for the SMS verification -identify our identity through our number – using the permission to read SMS, some applications such as WhatsApp were able to migrate to the new API SMS Retriever, but the others to date have had to continue using the old permission, until now.
Google finally offers an alternative to the permission to read all SMS.
Two APIs for SMS verification
as of now, Google offers two new APIS for the SMS verification. The API launched earlier this year SMS Retriever is joined by the new API call SMS User Consent. We will tell you the differences:
SMS Retriever API: This API was launched in January 2019, it is intended for those applications that also be the sender of the SMS, which will be included in the SMS verification, in addition to the verification code, a hash code custom in the body of the message. This hash code verifies that SMS verification is for the application to be read and verified automatically, without the user having to do anything.
SMS User Consent APIS: this new API is intended for those applications that are not the sender of the SMS verification, such as financial applications that want to validate an operation. Google adds a new permission consent that allows the application to read the last message received.
New permission of consent
Until now, the applications for the verification and management of financial transactions through SMS could continue using the old permission to read all SMS, but now they will have to use the new permission SMS User Consent.
The operation of this new permit is very simple. When we receive a SMS for verification the application, you can ask permission to read the new message that we just got in, and only that message that we will display in the same window. By allowing that read that message will automatically copy the code in the application and shall proceed with the verification.
The API of consent of SMS will only read the message if it includes an alphanumeric code of 4 to 10 digits with at least one number, and if the sender is not on our list of contacts.
This new permit comes through the component Services of Google Play and will be available as of Android 6.0 Marshmallow. Thanks to this new permit are less applications that will have access to all of our SMS, improving our privacy.
Via | Google
we Also recommend
The news Google launches a new permission on Android to SMS verification: so does was originally published in Xataka Android by Cosmos .
August 8, 2019