Use of SMS or Call Log permission groups

Google Play restricts the use of high risk or sensitive permissions, including the SMS or Call Log permission groups. 

All apps, including default handlers, requesting to access the SMS or Call Log permissions must complete the Permissions Declaration Form at the bottom of this page and receive Google Play approval.

When should you access these permissions

You should only access Call Log or SMS permissions to enable your app’s core functionality.

Core functionality is the main purpose of the app. It's the feature most prominently documented and promoted in the app’s description; no other feature is more central to the app’s functionality. If this feature isn't provided, the app is “broken” (for example, won't perform as a user would expect).

Collapse All Expand All

Intended uses

For apps requesting access to the SMS or Call Log permissions, the intended and permitted uses include Default SMS, Phone, or Assistant handler capability.

Apps must be actively registered as the default SMS, Phone, or Assistant handler before prompting users to accept any of the above permissions and must immediately stop the use of the permission when it's no longer the default handler. 

Use

Allowed permissions*

Default SMS handler

READ_SMS, SEND_SMS, WRITE_SMS, RECEIVE_SMS, RECEIVE_WAP_PUSH, RECEIVE_MMS

Default Phone handler

READ_CALL_LOG, WRITE_CALL_LOG, PROCESS_OUTGOING_CALLS

SEND_SMS

Default Assistant handler

READ_SMS, SEND_SMS, WRITE_SMS, RECEIVE_SMS, RECEIVE_WAP_PUSH, RECEIVE_MMS

READ_CALL_LOG


*Google Play must approve your Permissions Declaration Form.

Exceptions

Google Play may provide a temporary exception to apps that aren't Default SMS, Phone, or Assistant handlers when:

  • Use of the permission provides core app functionality to users
  • There is currently no alternative method to provide the core functionality

Use

Allowed permissions*

Transactional backup and restore for users and archive for enterprise (time-limited/non-continuous)

READ_SMS, RECEIVE_SMS, WRITE_SMS

READ_CALL_LOG, WRITE_CALL_LOG

Caller ID, spam detection, and blocking

READ_CALL_LOG

Connected device companion apps (for example, smartwatch, automotive)

SEND_SMS, WRITE_SMS, RECEIVE_SMS, READ_SMS

READ_CALL_LOG

Cross-device synchronization or transfer of SMS or calls

SEND_SMS, READ_SMS, RECEIVE_SMS

READ_CALL_LOG

SMS-based financial transactions and related activity where access is restricted to financial SMS transactions (for example, 5-digit messages)

RECEIVE_SMS, READ_SMS, SEND_SMS

Proxy calls (for example, VoIP Calling)

READ_CALL_LOG, WRITE_CALL_LOG, PROCESS_OUTGOING_CALLS


*Google Play must approve your Permissions Declaration Form.

Invalid uses

In some cases, apps may wish to access sensitive user data for purposes where a safer and more secure alternative exists, or where risk of data exposure doesn't warrant access. 

Below is a list of common use cases that won't be permitted to access sensitive user data associated with SMS and Call Log permissions: 

  • Account verification (see Alternatives below)
  • Content sharing or invites (see Alternatives below)
  • Contact prioritization, affinity profiles, show recent, or social graphs

Note: This list is not exhaustive.

Alternatives to common uses

Use

Alternatives

OTP & account verification

With the SMS Retriever API, you can perform SMS-based user verification in your app automatically, without requiring the user to manually type verification codes, and without requiring any extra app permissions.

If the SMS Retriever API is not an option for your app, users can also manually enter a verification code.

Initiate a text message

With the SMS Intent, your apps can initiate an SMS or MMS text message.

Share content

With the Share Intent, your app can enable users to share content or send invites through a variety of supporting apps without requiring sensitive app permissions.

Initiate a phone call

With the Dial Intent, your app can specify a phone number and open the phone app. The user can then explicitly initiate the phone call.

The Dial Intent doesn't require the CALL_PHONE permission.

Apply to use SMS or Call Log permission groups

If your app is a default handler or you believe your app qualifies for an exception, complete the Permissions Declaration Form.

Before submitting a Permissions Declaration Form, make sure that your app:

  • Only uses the permission(s) for the allowed uses
  • Doesn't use the permission(s) for any invalid uses

Important: If your app's permission use changes, you must submit the form again with updated and accurate information. Deceptive and non-declared uses of these permissions may result in a suspension of your app and/or termination of your developer account.

Was this article helpful?
How can we improve it?