Cardinal Mobile SDK google play policy compliance issue.

[hiteshchalise]

Our application was hit with a google play policy compliance issue.

Your app is using the Cardinal Mobile SDK which collects persistent device identifiers, but may not be limited to Android ID and hardware IDs. Persistent device identifiers may not be linked to any other personal and sensitive user data and/or resettable device identifiers (e.g., IMEI, IMSI, SIM Serial #, etc). You may consider upgrading to a policy-compliant version of this SDK, if available from your SDK provider or removing the SDK. According to your SDK provider, you may consider upgrading to 2.2.7-2. Please consult the SDK provider for further information. Google is unable to endorse or recommend any third party software.

I am currently using version 0.6.2 of android-checkout-sdk.

From my understanding our application has no direct dependency with Cardinal Mobile SDK but it is through android-checkout-sdk. Will upgrading to newer version of andoid-checkout-sdk solve this issue? I Just want to make sure that I upload a policy compliant update.

Any help will be appreciated, thank you.

[mcoskunnn]

+1

[caizhixing]

implementation("com.paypal.checkout:android-sdk:0.8.6"){ exclude group: "org.jfrog.cardinalcommerce.gradle", module: "cardinalmobilesdk" } implementation("org.jfrog.cardinalcommerce.gradle:cardinalmobilesdk:2.2.7-2")

[tdchow]

Hey @hiteshchalise @mcoskunnn @caizhixing - Thanks for reaching out with this issue!

We're in the process of updating the Cardinal SDK and will have a new version of our SDK published shortly. We'll update you all here once that new version is available.

[developer-dmp]

Good to know @tdchow! Initial pass of the above solution is working for me on 0.8.5 as well 🤙

[tdchow]

Hey @caizhixing and @developer-dmp - I was seeing reports in other SDKs that include Cardinal 2.2.7-2 that apps were still getting flagged by the Playstore.

Can you confirm that you were able to get your latest APKs approved by forcing version 2.2.7-2 of the Cardinal SDK?

[caizhixing]

I did not send the newest app (contain version 2.2.7-2 of the Cardinal SDK) to googlle to review.

[developer-dmp]

Yeah @tdchow we were waiting on this change first to be honest. I can keep you updated with our next release

[tdchow]

@caizhixing @developer-dmp - No worries at all. Cardinal has confirmed that 2.2.7-2 is compliant with the Playstore. We're still working on getting a new release out with this version. Please hang tight!

[tdchow]

Hey everyone! Version 0.8.7 of the SDK is now available, which includes the latest Cardinal version. Updating to this version will resolve the Playstore compliance issue!

https://github.com/paypal/android-checkout-sdk/blob/main/CHANGELOG.md#version-087

[developer-dmp]

Thanks @tdchow!

[saperi22]

Issue addressed in 0.8.7 version of the SDK. Please see https://github.com/paypal/android-checkout-sdk/pull/179 for additional context.