ONLY Publish app in Google Play Store - android-studio

I have a client who would like me to publish his app on Google Play Store. He has given me the .apk, description, icons, and banners.
I am going to buy a developer account ($25) for him but before that I would like to ask you guys that as I didn't actually develop this app. I am only going to publish his app. Is it safe? What key points I should check?
Also, would I still need to have Android Studio JUST to publish an app to Google Play Store? Or the URL below would give me the opportunity to publish my app using website?
https://play.google.com/apps/publish
Please help!
Thank you!

Check the Google Play Store Developer Policy Center to see if it infringes any rules.
https://play.google.com/about/developer-content-policy
I would also consider asking to review the source code as well if your name or company is going to be associated with the product you publish.

So basically uploading an app that copyrights most of someone's legit coding and possibly licensing? Not a good approach.
If you are aware about the terms and conditions, you would be liable for cost and damages because technically it will be under your name if you go forward and if your profiting this commercially, that case would be serious should it be brought forward on complaint.
EDITED
If you doing this on his behalf, he should sign up for Developer account or allow you to put his information in. So that's the safe point. If you are saying it is his app.

Related

Facebook messenger webhook not sending data for users that are not associated with the app

So this has been such an annoying issue I've been having with facebook.
We :
created a messenger app
verified the web-hook
submitted the app for review
got approval from Facebook
Everything works perfectly if we use the developers and users associated with the app, but for some reason any other user will not work at all!
The only explanation I see why it isn't work is because the app is in development mode, but apparently facebook removed that and replaced it with Access Levels.
I've been looking at documentation and can't find anything! Any directional help that I may have missed would be greatly appreciated!
The only explanation I see why it isn't work is because the app is in development mode, but apparently facebook removed that and replaced it with Access Levels.
You are indeed completely right!
The old system, consisting of Development Mode and Live Mode, has been replaced by respectively Standard Access and Advanced Access (cf. this documentation).
Apps in Development Mode can only request Permissions from app users who have a Role on the app or in a Business that has claimed the app. This is the same as Standard Access. Apps in Live Mode can request Permissions from anyone, but only if the Permissions have been approved through App Review. This is the same as Advanced Access. Features, although they cannot be requested from app users but are instead active/inactive, behave the same way.
This snippet was taken from this post.; Side note: They even wrote a paragraph about why they decided to switch and which features/improvements the new update brings - it's on the same site, just below the quote above
Anyhow, due to logistic reasons (supposedly) the update is only being pushed gently into the broad mass:
Access Levels are gradually being applied to all existing Business apps automatically.
You can find the banner on the previously mentioned site:
Summing up: Yes - the modes are actually replaced by their new "level system", though the update might haven't covered your Business app yet (but will so in the near future).
I got this message from API, maybe this covers the reason:
"(#10) Cannot message users who are not admins, developers or testers
of the app until pages_messaging permission is reviewed and the app is
live.", "type":"OAuthException", "code":10, "error_subcode":2018028, "fbtrace_id":"AL....i9"}}

How Can I setup Google Actions For Team Development?

I am working with a team to develop a Google Action for an Organisation called 'Rocket Chat'. Now what we want to do is that, to create one main account under that organisation, where frontend and backend will be hosted and also give access of this account to a few Developers. What will be the most efficient way of doing this?. Any ideas or suggestions on how to do that are appreciated. Thanks.
Frontend is hosted on Dialogflow and for backed we are hosting our fulfilment on Firebase. If you want more details on our setup, please visit here => https://github.com/RocketChat/google-action-rocketchat
The "correct" way to do it would be for every developer to use their own account, and share a project with all of them. This also will allow you to have more granular permissions for each developer.
In addition to having ownership of the project, you may also want to have some processes in place to mitigate potential issues. If everyone uses one project, it's possible to run into race conditions if multiple developers upload the same cloud function. The Dialogflow console also may have issues with multiple editors at one time.
For easier development, each developer may want their own separate prototyping project which gives them full control over the environment, and then have some way to integrate their changes into one master project.

How to detect the malware app

I am a developer which working on security related area.Recently I
met a little problem. If I got a app such as android .apk or IOS .ipa.
How can I check whether it has malicious actions?
The first thought came to my mind is to check its manifest. To see
which kind of permission it has requested. But this general method can
not detect some actions such as record the screen snapshot or record
user tap position on screen.
Then I switched to search how app store and google play check the
app which submitted by developers. Turns out that they first check the
certificate or signature of the app to make sure it has been published
by trusted organization. Then statically check the system permission
that the app requested.
I guess there must be some in-depth detection method or theory
which used by google and apple to make sure their app is safe to
download. Can anyone provide me some useful information or website
link that I can learn from?
Thank you.

Privacy Policy URL - What if I use it for the owner's website only?

So, apparently I need to provide a Privacy Policy URL for my Instagram application.
The only reason I'm using this application, is for a website I built for a client of mine. The client wanted an automatic integration for her Instagram, so I went through the whole Instagram API hassle.
Now, the website is ready for production, so I wanted to get my app out of sandbox mode, but it looks like I need this Privacy Policy URL.
What's the best way to go about this?
Put a Privacy Policy page up on their website (really any website you can link to) and use that link. It can be a static HTML page, as long as you can link to it.
Instagram won't let you take an application like this out of Sandbox, btw. Your use case is not an approved use case. From Instagram's Developer Documentation under Invalid Use Cases:
One-off Projects. If you are an agency building websites or other integrations, note that we don't grant permissions to clients created for one-off projects. If you are interested in building a product, platform, or widget that will be used as a service across multiple projects, then you may submit a single client_id that you can use across multiple projects.
You can (probably) still achieve the outcome you're looking for but you will need to go back to the drawing board and rethink your application's use case before getting out of the Sandbox. I know some developers who really just don't understand (or care to understand) the policies and never make it out of Sandbox. It's a shame because they can read the technical portions of the documentation so easily but just can't/don't read/understand the more critical parts (like the Invalid Use Cases section).

Instagram API Permissions Rejected for iOS App to Pull Public Content Data

My iOS app needs to use Instagram API to load some images, user feedback based on geo location. I requested public_content permissions from Instagram team but got rejected with explanations below even though I filled out as much info as possible. Note I have my app in development only and website looks very minimal but some designs and lots of description was submitted for review.
How to resolve this issue of getting these basic permissions? I googled and I notice this is a common problem.
General issues: Invalid Use Case: The use case descrbied in your submission notes, screencast and website is not a valid use case that
we allow on our Platform. Please see our Permissions Review and valid
use cases description (https://www.instagram.com/developer/review/)
for more information.
public_content: This permission (public_content) does not support the use case you described in your submission notes, screencast and
website. Please review Login Permissions
(http://instagram.com/developer/authorization/) for a comprehensive
list of permissions and valid use cases.
Perhaps this helps. I have tried two times but our app was declined. I will write the submission text one more time. I also want to go more into detail as the new FAQ says that Instagram expects a very detailed submision.
Cheers, Christian
FAQ
My submission was rejected but it was a valid use case. What should I do?
A common reason for rejecting a submission is that we do not have enough information to make an assessment of your app. This can happen if your submission was too short, if it missed important information, if you did not provide a good screencast, your website is not working, etc. Before you submit for review again, make sure to provide a long and clear explanation of what your app does and how you use every permission. Make sure also to provide a video screencast and to follow all our Platform Policies.
What should I write in the submission?
The submission should be long enough for us to understand exactly what your app does and why you need the permissions you are asking for. If your submission is too short or does not explain all parts of your integration, then we may not be able to understand and approve your app. For example, your submission should explain what does your app or company do, which of the approved use cases your integration falls into, who will be using your app, how do your user authenticate with your app, how you use the API to power your integration, how does your product use the data acquired from Instagram, etc.
What should I show in the video screencast?
The video screencast is a very important part of a submission and cannot be omitted. Please make sure that the video clearly shows how your application works, including any Instagram login experience and the usage of every permission you are requesting. Since your app may still be in sandbox mode, you can use data from sandbox users to showcase the integration.
My company is working with multiple clients, should I submit one app per project?
No, we do not approve apps that are created for one-off projects (e.g. a hashtag campaign, an event, a website). You should use a single client_id across all your integrations.
Can I revoke a submission if I made a mistake?
You can't cancel a submission that is in progress. You will need to wait until the submission has been reviewed before you can start a new one.

Resources