Pre Launch report issue with Huawei Mate 9

Question

For several days now every time I release an APK I get a pre-launch report that it failed on Huawei Mate 9. The report doesn't say much, the log doesn't have any crashes in it. The only thing I can see that is odd is that it claims my app has a virus on the screenshots. I'm attaching what it shows. Since I know my app doesn't have a virus, I'm curious if anyone else is seeing that? The only big change in this release is that I added Unity ads.

Since my app has an intro screen, I think those buttons to ignore or uninstall are preventing the test software from progressing in my app.

Edit: A reply had suggested READ_PHONE_STATE was the issue but I just did a release without it and it didn't change anything, the warning is still there. And the app doesn't have SMS permissions either.

Edit: I should add that I went ahead and released this version, the app has had a few hundred thousand users try the new version and two Huawei users have mentioned the warning and one Oppo user, all from some built in protection, not something they installed.

Edit: Manifest permissions I request:

    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
    <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
    <uses-permission android:name="android.permission.CHANGE_WIFI_MULTICAST_STATE"/>
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
    <uses-permission android:name="com.android.vending.BILLING"/>
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
    <uses-permission android:name="com.android.launcher.permission.INSTALL_SHORTCUT"/>
    <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
    <uses-permission android:name="android.permission.WAKE_LOCK"/>
    <uses-permission-sdk-23 android:name="android.permission.ACCESS_FINE_LOCATION"/>

Edit: Huawei reps have said this to me: We have tested the app on Mate 9 device and other 2 models with Android 9.0, there is no such issue, it might be a problem with Android 7.0 system, so we suggested to guide the user to upgrade to Android 9.0 if they have this issue on their devices.

Edit: A user sent me a screenshot of a more detailed screen and it says clicker.fc is the detected virus. No idea what that is, googling for it hasn't helped. I've tried several virus scanners on my apk and haven't found any issues.

Edit: Turned out to be Unity ads. I managed to narrow down the exact release it happened on and then started testing new builds one by one on Firebase testlab and found the exact lines that caused it. Adding Unity ads on gradle does it every time.

score 1 · Answer 1 · edited Oct 03 '19 at 14:29

1

Reason

It is messages for protection against harmful apps in smartphones. it can be because of some ** dangerous permissions** like "Making Phone Calls" , "Sending SMS" or "Reading SMS". Some anti-virus programs mark such applications as potential virus threats from your device because of these dangerous permissions.

Solution

Try to disable the security popup:

Settings -> Google -> Security -> (Play Protect) And uncheck “Scan Device for Security threats”

edited Oct 03 '19 at 14:29

A P

2,131
2
24
36

answered Sep 26 '19 at 13:08

YuvrajsinhJadeja

1,383
7
23

I don't use sms but I do have phone call permissions in order to be notified of when a call happens so it can perform some action if the user enables it. That must be the one doing it. Is this something new? – casolorz Sep 26 '19 at 14:05
1

yes because of that permission for read call you are getting this. you can check permission policy in give link : https://android-developers.googleblog.com/2019/01/reminder-smscall-log-policy-changes.html – YuvrajsinhJadeja Sep 26 '19 at 17:12
and also check it on google play https://play.google.com/about/privacy-security-deception/permissions/ – YuvrajsinhJadeja Sep 26 '19 at 17:13
I don't have the call log permission, I have `READ_PHONE_STATE`. Does that still apply? – casolorz Sep 26 '19 at 17:37
yes it comes in critical permission also. your warning comes bescause of it. – YuvrajsinhJadeja Sep 26 '19 at 17:50
@casolorz have you read policy completely? check this link it will give you more clear idea https://stackoverflow.com/questions/41234205/warnings-your-apk-is-using-permissions-that-require-a-privacy-policy-android-p – YuvrajsinhJadeja Sep 26 '19 at 17:52
1

Yeah I did, I don't see `READ_PHONE_STATE` there but I do see similar stuff. I know apps with sms permissions got warnings and removals earlier this year, I haven't received any warning. This virus warning comes from Huawei and only affects Huawei. Thank you for all the info though, I really appreciate it, and has made me consider just removing this feature since it is a tiny part of my app. – casolorz Sep 26 '19 at 18:19
Just saw this https://stackoverflow.com/questions/54624392/is-read-phone-state-permission-illegal-after-march-2019 – casolorz Sep 26 '19 at 18:20
@casolorz yes as mentions in ans it comes from Huawei configuration. so is this answer helpfull for you. – YuvrajsinhJadeja Sep 26 '19 at 18:29
Would like to commend that I removed `READ_PHONE_STATE` and still got the warning on the pre launch report. That is why I haven't marked this as correct or given the bounty. – casolorz Oct 02 '19 at 17:29
It is on the post. – casolorz Oct 03 '19 at 17:01
Figured it out, added an answer. – casolorz Oct 06 '19 at 21:31

Martin Zeitler · Answer 2 · 2019-10-02T19:27:18.737

There's no AndroidManifest.xml provided, therefore the answer is just a vague as the question.

Therefore, I'd assume, that:

b) you might be requesting any permission, which requires the application to be registered as the default handler for an Intent

Your app must ask to become a default handler before it requests the permissions associated with being that handler. For example, an app must request to become the default SMS handler before it requests the READ_SMS permission.

b) or it cannot find the privacy policy required for accessing sensitive information, alike PII (personally identifiable information). Unity ads also require a privacy policy. These Unity Ads are generally a little malicious, because of the UnityAdsCache ...which is used to download ads to the device for offline advertisement; alike image and video advertisements, which are +/- 30 seconds long (which may over time lead to certain performance degradation, when the internal storage is full to the brim). See reddit. However, a app's internal storage should still be accessible - but there the negative influence on performance is given - opposite to using external media, alike a SD card.

c) Another possible reason is, that it's a false positive - which could only be resolved by contacting Huawei - and they might be able to either tell you why - or update the signatures of their built-in antivirus app accordingly.

Huawei reps think it is an issue with the virus checker on their Android 7 and they might be right as the only users reporting it have Android 7. I don't have any SMS permissions or handlers or anything related to SMS. I do have intent handlers for certain file types, but as mentioned before, this issue started popping up all of the sudden with almost no change on my code, even Unity wasn't added on the version that it started popping up. — casolorz, Oct 02 '19 at 19:27
@casolorz then the only option available on your side is blacklisting the device on the Play Store console (which should also exclude it from the pre-launch test), at least until Huawei will publish a security roll-up - but there still might be users, which only have mobile data, which costs - and they might prefer to keep it un-patched. downloading video ads to such devices is generally a waste of precious traffic. — Martin Zeitler, Oct 02 '19 at 19:44
Figured it out, added an answer. While it is Unity ads, I can't reproduce the issue on a different test apk. — casolorz, Oct 06 '19 at 21:31

score 0 · Accepted Answer · answered Oct 06 '19 at 21:30

Turned out to be Unity ads. I managed to narrow down the exact release it happened on and then started testing new builds one by one on Firebase testlab and found the exact lines that caused it. Adding Unity ads on gradle does it every time.

I should add that while it happens on my apk with Unity ads, I added Unity ads to one of the Android Studio templates and it doesn't reproduce the false positive, so no idea what the issue is between my app and adding Unity ads that causes it.

Pre Launch report issue with Huawei Mate 9

3 Answers3