What happens to naughty SDKs that do what they aren’t supposed to do?
In the second episode of our “Google’s Privacy Sandbox for Android explained” series, we talk about SDK Runtime – Google’s proposed solution to SDKs-gone-wild.
SDKs are a convenient feature for most app developers. However, some SDKs tend to gather user data in ways that app developers aren’t privy to. SDK runtime is expected to be a step towards limiting the power of SDKs.
Check out this episode where our CEO Shamanth throws more light on this subject.
**
Note: We had two BIG launches last month!
1. The Mobile Growth Handbook 2022 is packed with incredible insights along with tried and tested strategies, this book is the perfect tool to learn from and hone your growth plans for this year. We feature hand-selected insights from the smartest mobile growth marketers.
We have over 100 pages of insights that can be accessed at all times (as soon as you sign up). Download the book now and get a head start on your growth strategies.
Download the book now and get a head start on your growth strategies. https://mobileuseracquisitionshow.com/mobile-growth-handbook-2022/
2. The Mobile Growth Lab Slack: A community that was a part of our workshop series – The Mobile Growth Lab, is now open to the general public. Join over 150 mobile marketers to discuss challenges and share your expertise. More details are available here: https://mobileuseracquisitionshow.com/slack/
If you’re ready to join the growing community, fill this form: https://forms.gle/cRCYM4gT1tdXgg6u5
ABOUT ROCKETSHIP HQ: Website | LinkedIn | Twitter | YouTube
KEY HIGHLIGHTS
🪢 What is an SDK?
🔬 The components of an SDK code are unknown
🎈 Developers can’t control an SDK
🧮 How SDK runtime solves this problem
🔍 How SDK developers may evolve going forward
FULL TRANSCRIPT BELOWA few weeks ago, we started talking about Google’s Privacy Sandbox initiative for Android, which is a set of tools and technologies for privacy-friendly advertising.
We spoke about the Topics API, which fundamentally changes targeting – and is one of what Google calls, privacy preserving APIs.
Today we will talk about another key component of Google’s Privacy Sandbox – SDK runtime. The SDK runtime is an ingenious way for Android to combat tracking and data sharing, which has been primarily driven by SDKs operating in ways that app developers don’t always have visibility around.
And yes, as you can see, this is much less ham-handed than Apple’s policy which has led to a number of bad actors contravening ATT via fingerprinting.
To understand SDK runtime and why it is powerful, it’s perhaps helpful to take a step back and understand what an SDK is. An SDK is a piece of prewritten software that any app developer can add to their app’s code. If I’ve made, say, a Match 3 game, I don’t necessarily need to write code that lets me show ads in my game – I can simply put in code written by a third party SDK provider.
The problem with that of course is that as the Match 3 game developer, the SDK code(to show ads) essentially becomes a part of my app – and yet I don’t really have too much control over what the SDK is doing(it could, for example, be accessing device data to fingerprint users to target them later).
How SDK runtime solves this problem is by separating the SDK code from the app, by ensuring that the SDK code runs in an execution environment that is completely different from what the app lives in.
Because the SDK is now decoupled from the app, the SDK has its own set of permissions that are granted and monitored by SDK Runtime, which could basically forbid the SDK from accessing user or device data that it doesn’t need.
What this would also mean is that SDK developers(MMPs or analytics providers, or ad tech companies) could simply upload their SDKs to the app stores as applications – and app developers would simply call the SDK code from the app stores, which could also solve a number of technical challenges that can lead to apps crashing due to misbehaving SDKs.
All of this of course happens under the hood – and is very much a sign that there is an ongoing movement in the direction of privacy. Even though this is in the future, this is a sign that technical solutions like SDK runtime could guard user privacy in ways that are less ham-handed than Apple’s approach with ATT.
A REQUEST BEFORE YOU GO
I have a very important favor to ask, which as those of you who know me know I don’t do often. If you get any pleasure or inspiration from this episode, could you PLEASE leave a review on your favorite podcasting platform – be it iTunes, Overcast, Spotify or wherever you get your podcast fix. This podcast is very much a labor of love – and each episode takes many many hours to put together. When you write a review, it will not only be a great deal of encouragement to us, but it will also support getting the word out about the Mobile User Acquisition Show.
Constructive criticism and suggestions for improvement are welcome, whether on podcasting platforms – or by email to shamanth at rocketshiphq.com. We read all reviews & I want to make this podcast better.
Thank you – and I look forward to seeing you with the next episode!