Security
35 Topics

Is there any way to disable Google Play Protect (GPP) from an EMM or to otherwise whitelist apps from scanning?
I am very concerned about the Enhanced GPP features coming soon that are currently being piloted in other regions. https://security.googleblog.com/2023/10/enhanced-google-play-protect-real-time.html

This is not a welcome feature whatsoever for the fully managed space where we have business apps written internally that are being installed on business devices, owned by that business. In no way do we want Google sitting in between deciding whether a very legitimate app written internally for an organization should be installed on devices that are purchased and owned by the same organization on fully managed devices. I would like a way to disable GPP completely, or at a minimum whitelist applications from scanning as we don't want Google interfering in the business operations. GPP is a helpful consumer protection feature but fully managed devices should have the ability to be opted in or out of the program. Otherwise GPP can incorrectly flag a mission critical app and disable or remove it from a device, thereby bringing down a line-of-business application and an end customer's operations. While the intentions of GPP are good, by blocking business apps Google themselves is becoming the malicious actor that GPP is ironically trying to prevent.

Solved, 39K Views, 13 likes, 57 Comments

Play Protect Blocking Custom DPC Apps — How to Get Approval or Alternatives?
Hi everyone,

I'm a developer who helps enterprises build custom DPC (Device Policy Controller) Reference Documentation apps to manage Android devices based on their unique requirements. Recently, Play Protect has started blocking the installation of custom DPC apps, even when these apps are signed and used internally. The warning claims the app may pose a risk due to access to sensitive data - even though it's strictly for enterprise use.

To make things more difficult:
- Google is no longer accepting registration of custom DPC apps with Android Enterprise, which limits official distribution and management options.
- Android Management APIs don’t support all use cases, and also have a quota limit.
- I’ve applied twice to join the Android Enterprise portal to build a SaaS-based device management platform, but both requests were rejected without a clear reason.

My questions for the community:
- Is there any official way to get a custom DPC app approved or whitelisted by Play Protect?
- Are there any alternative ways to manage Android devices at scale (outside of AMAPI or legacy EMM)?
- How can new developers or startups gain access to Android Enterprise features when onboarding is currently restricted?

Any help, direction, or shared experience would be greatly appreciated.

Thanks, Kulwinder

220 Views, 4 likes, 4 Comments

[Community survey] Android App Management features and security
Hello everyone,

We've had a couple of surveys this month, so I hope you don't mind another. Here in the Customer Community, one of our most popular topic areas is on app management, so I'm hoping this survey is an interesting one for you all. 🤞 It would be great to hear your thoughts and ideas on ways you would like application management features and security to develop further.

If you have a spare moment, please take the short survey below and if you have any additional questions, please reply to this topic below (by clicking 'Reply'). All of the feedback will be passed over to our Product team. Feel free to share this with any colleagues or others working in this area, as it would be great to get a good amount of feedback around this.

Thank you in advance for taking the time to do this. 😀

Lizzie

Interested in other surveys? It would be great to hear your feedback on AE secure logs.

655 Views, 4 likes, 9 Comments

Issue with Copy/Paste Restriction in Intune MDM on Android Devices (Clipboard Editor Interaction)
Hi all,

I’m currently experiencing an issue while setting up Intune MDM on Android devices related to restricting copy and paste to unmanaged apps. Specifically, the issue occurs when users copy text from the Teams app and try to paste within the Teams app.

Here's what happens:
- After copying text, a message "Your organisation's data cannot be pasted here" immediately appears in the clipboard hud.
- The copied data seems blocked from being viewed, as the error message appears even before a paste attempt.
- Despite this, users can manually paste the copied content by long-pressing or selecting "Paste" from the text box.
- However, when trying to use the "paste from clipboard" feature, the warning message above is pasted instead of the copied content.

We’ve set the Intune policy to allow copy/paste within managed apps, but the clipboard interaction seems to be problematic, especially with Gboard. It appears that Gboard, possibly due to Android 13 and 14’s Clipboard Editor, is treated as an unmanaged app, causing Intune’s data protection policies to block its access to the clipboard in a read-only state.

Just to clarify: I want users to be able to copy and paste text within managed apps only. So the allowed behavior of pasting with long press is fine, but I want to get rid of the block that we're getting.

Here’s what we’ve tried:
- Added various exclusions to the Intune policy, including Gboard, Clipboard Editor, and other related apps (full list below), but the issue persists.
- Testing different configurations hasn’t led to a final solution, and there seems to be limited documentation specifically addressing this clipboard component in relation to Intune's data policies.

We’ve escalated the issue internally but wanted to see if anyone in the community has encountered a similar problem or found a solution.
Here’s the list of exclusions we’ve already added to the policy:
- Clipboard: com.android.clipboard
- SMS: com.google.android.apps.messaging
- SMS: com.android.mms
- SMS: com.samsung.android.messaging
- Native phone app: com.android.phone
- Google Play Store: com.android.vending
- Android system settings: com.android.providers.settings
- Android system settings: com.android.settings
- Google Maps: com.google.android.apps.maps
- Gboard: com.google.android.inputmethod.english
- Samsung: com.sec.android.inputmethod
- Gboard: com.google.android.inputmethod.latin
- Gboard: com.google.android.apps.inputmethod.hindi
- Gboard: com.google.android.inputmethod.pinyin
- Gboard: com.google.android.inputmethod.japanese
- Gboard: com.google.android.inputmethod.korean
- Gboard: com.google.android.apps.handwriting.ime
- Gboard: com.google.android.googlequicksearchbox
- Gboard: com.samsung.android.svoiceime
- Gboard: com.samsung.android.honeyboard
- Gboard: com.android.inputmethod.latin
- Teams app: com.microsoft.teams

Any insights or suggestions would be greatly appreciated! This is my first time posting so apologies if this is the wrong space.

1.8K Views, 3 likes, 6 Comments

[Community survey] Android Enterprise training / certification
Hello everyone,

We know security is an important area to many of you here in the customer community and we have heard here and there some interest in a security certification and/or training. Based on this, we wanted to explore this a bit more - we have created a community survey to gauge your interest and gather your thoughts around this further.

If you have any additional questions, please reply to this topic below. Thank you for your time and feedback.

Lizzie (and the Customer Community team)

1.7K Views, 3 likes, 1 Comment

[Enhancement Request] Allow push notifications during OOBE setup process
Android does not allow any push notifications during the OOBE (out of box experience) setup process. This presents challenges during Intune enrollment because we require users to satisfy MFA (SMS or MS Authenticator) in order to complete Entra AD device registration and device enrollment. The inability to receive push notifications on the new Android they are configuring requires users to configure their MFA on a secondary device before starting the setup of the new device, or obtain a temporary access pass from our Security Team. If OOBE supported push notifications it would resolve this and provide a much simpler and easier enrollment/user experience.

2.3K Views, 3 likes, 4 Comments

[Community survey] Feedback on Android Enterprise Secure logs
Hello everyone,

I'm a big fan of surveys and we haven't had one for a little while - so here we are! We'd love to hear your feedback on a potential improvement to the Android Enterprise logs.

Android Enterprise logs provide critical insights into device activity and security, empowering organizations to manage and secure their mobile ecosystems effectively. These logs are divided into:
- Security logs, which capture key events like app installations, failed authentications, and policy changes, and
- Network event logs, which track network activities such as app connections and destinations.

Logs are currently stored in the normal world (REE - Rich Execution Environment). We are exploring a feature enhancement to enable this storage in a secure environment (Virtual Machine) so that they are better protected. This feature enhancement has a few options / levels and we want to understand their importance to you:
- Logs stored in secure environment: If the OS is compromised, the logs are much harder to access and tamper with
- Tamper evident logs: This would allow the OS to indicate if the logs were tampered with
- Tamper proof logs: This makes it not possible for logs to be tampered with. Logs would only be available in small quantities (4mb on average, depending on chipset capability)

If you have a spare moment, please take the short survey below. If you have any additional questions, please reply to this topic below (by clicking 'Reply'). Thank you for your time and feedback.

Lizzie (and the Customer Community team)

267 Views, 3 likes, 1 Comment

Installed device policy used for hacking.
This device policy was installed on my phone through firebase from Google. I have reported this to Google in regards to the hacking and the device control. I cannot uninstall it and I show a shell manifest on my phone to be using the developer platform to redirect everything through Android's system. So either someone has hacked into the Android platform and has redirected everything or this is an open-ended warrant for 5 years now for an invasion of my privacy. Either way the Google is liable by either not protecting my privacy or by complying with such an order for 5 years and never asking why. You can look at my Facebook page and see exactly why this invasion of privacy has been ongoing. Jim Mininno or Vincent Mininno. I plead with someone to help me get this results as me and my children have been made the victims of the department of defense and Google.

765 Views, 2 likes, 0 Comments

Request for Android Community: Advice and Help on Playing Pre-Recorded Voice on Calls
To the Esteemed Android Developer Community,

I am seeking your expert advice to understand whether my task is feasible on the Android platform. I aim to implement the following functionality:

Task Description:

Objective: I want to create an Android app that plays a pre-recorded voice message during a phone call. The app will:
- Automatically answer an incoming call when it is ON.
- Play a pre-recorded audio file stored on the user's phone (recorded by the user). Audio Content: “I am busy right now, call back after some time.”
- Disconnect the call after playing the message.

Usage Scenario: This feature will be used only when the app is ON. It is intended for times when the user is busy and wants to inform the caller without manually attending the call.

Key Requirements:
- Detect and answer incoming calls automatically.
- Play the recorded voice message to the caller.
- Ensure the caller hears the message clearly on their end.
- Disconnect the call programmatically after the message is played.

Questions for the Community:
- Is this Task Feasible? Can the Android platform route a pre-recorded voice file to the call audio stream (STREAM_VOICE_CALL) so the caller can hear it? Are there technical or carrier-level restrictions that could prevent this functionality?
- Android APIs or Services: Are there specific APIs, such as TelecomManager, CallScreeningService, or AudioManager, that can handle this requirement effectively?
- Privacy and Legal Concerns: Are there any privacy or legal considerations (e.g., notifying the caller) that I should be aware of when implementing this feature?
- Compatibility Across Devices: How can I ensure compatibility across different Android devices and versions (API 26 and above)?

Additional Information:
- Voice File: The pre-recorded message is stored locally on the user’s phone in a secure folder.
- App Activation: The functionality will work only when the app is manually turned ON by the user.
- Intent: This is a personal productivity tool to handle calls during busy periods.

Help Needed:
- Advice: Can you confirm whether this task is achievable on the Android platform with existing APIs and hardware? Are there specific approaches or best practices to consider for implementing this?
- Code Implementation: I am looking to hire an experienced Android developer who can:
  - Write fully working code to achieve this task.
  - Ensure the solution is robust, privacy-compliant, and compatible across devices.

I deeply appreciate the Android community's expertise and guidance. Your input will help me determine the feasibility and approach for this project. If you have any suggestions, insights, or are interested in developing this, please reply to this request.

304 Views, 1 like, 2 Comments

Disable prompt for the user's consent for an app that records screen
We are working on an app that is used to test our software and products. The app is constantly running on test Android devices. It starts recording the screen based on an event and sends the recording to our backend servers to verify that the test passed. Currently, the whole process halts if the app or OS is restarted until a human approves the screen recording dialog that pops up when the app opens. Is there a way to pre-approve the screen recording for this app using the Enterprise Management APIs? As mentioned before, the app only runs on test devices that are not used by any employees. Currently, we have to constantly monitor these devices just to press the screen recording approval button when the app crashes, has to be restarted, or when the OS is updated. I am trying to find a solution so that this is automated. Thanks for any help

1.4K Views, 1 like, 2 Comments