In a blog post published Jan 7, 2019, the developers of Samourai Wallet have announced that updated versions of the app will not ship with certain security and privacy-related features — thanks to a new Play Store policy.
Google Versus Android Permissions
Earlier in 2018, Google announced that developers would soon have to remove the call and SMS permissions from their apps in order to continue listing on the Play Store. Given that these two permissions potentially allow apps to read the user’s call history and text messages, Google clearly sought this approach to bar malicious apps from the Android platform.
The announcement by Samourai comes just days before the Jan 9, 2019 deadline set by the search giant. If any existing app contains those permissions after said date, it will be automatically flagged and removed from the Play Store catalog.
While Google does maintain a whitelist of apps that can continue to keep these permissions, developers have to submit their applications on a case-by-case basis for manual review.
The affected security features within the Samourai Wallet — namely ‘Stealth Mode,’ ‘SIM Switch Defense’ and ‘Remote SMS Commands’ — all invariably depend on the call and SMS permissions to function.
Several other apps, albeit not cryptocurrency wallets, will also lose key functionality as a result of this new policy. Google, however, remains steadfast in its decision and has said that developers will have to comply — even if it comes at the expense of prior functionality.
The developers of Samourai Wallet applied for exemption from the policy several months ago but were rejected only a few days ago.
The rejection reportedly came in spite of the team explaining the unmatched utility and security provided by these security features. The SIM Switch protection feature, for instance, protects users by sending an SMS to a trusted mobile number whenever the SIM card is changed.
In an attempt to retain this critical functionality, the developers of Samourai will be exploring additional distribution methods — including self-hosted APK downloads and inclusion in various other third-party app stores.
Given that Android continues to be an open ecosystem, users can simply subvert Google’s Play Store in favor of side-loading the application.
Since Samourai Wallet is fully open-source, the F-Droid app store is currently the top candidate for third-party distribution.
Meanwhile, existing Samourai Wallet users are advised to disable all stealth-related features within the application before the upcoming 0.99.04 update.
Do you think Google is starting to make the Play Store a ‘walled garden’ experience, similar to Apple’s with its App Store? Let us know your thoughts on the matter in the comments below!