Device and Network Abuse

Changes are coming to this policy!

Find a summary of the changes and a copy of the updated Developer Policy here

We don’t allow apps that interfere with, disrupt, damage, or access in an unauthorized manner the user’s device, other devices or computers, servers, networks, application programming interfaces (APIs), or services, including but not limited to other apps on the device, any Google service, or an authorized carrier’s network.

Apps on Google Play must comply with the default Android system optimization requirements documented in the Core App Quality guidelines for Google Play.

An app distributed via Google Play may not modify, replace, or update itself using any method other than Google Play's update mechanism. Likewise, an app may not download executable code (e.g., dex, JAR, .so files) from a source other than Google Play. This restriction does not apply to code that runs in a virtual machine or an interpreter where either provides indirect access to Android APIs (such as JavaScript in a webview or browser). 

Apps or third-party code (e.g., SDKs) with interpreted languages (JavaScript, Python, Lua, etc.) loaded at run time (e.g., not packaged with the app) must not allow potential violations of Google Play policies.

We don’t allow code that introduces or exploits security vulnerabilities. Check out the App Security Improvement Program to find out about the most recent security issues flagged to developers.

Examples of common violations
  • Apps that block or interfere with another app displaying ads.
  • Game cheating apps that affect the gameplay of other apps.
  • Apps that facilitate or provide instructions on how to hack services, software or hardware, or circumvent security protections.
  • Apps that access or use a service or API in a manner that violates its terms of service.
  • Apps that are not eligible for whitelisting and attempt to bypass system power management .
  • Apps that facilitate proxy services to third parties may only do so in apps where that is the primary, user-facing core purpose of the app.
  • Apps or third party code (e.g., SDKs) that download executable code, such as dex files or native code, from a source other than Google Play.
  • Apps that install other apps on a device without the user's prior consent.
  • Apps that link to or facilitate the distribution or installation of malicious software.
  • Apps or third party code (e.g., SDKs) containing a webview with added JavaScript Interface that loads untrusted web content (e.g., http:// URL) or unverified URLs obtained from untrusted sources (e.g., URLs obtained with untrusted Intents).
Was this helpful?
How can we improve it?

Need more help?

Sign in for additional support options to quickly solve your issue

Clear search
Close search
Google apps
Main menu
Search Help Center