Because we didn’t provide Google’s review team with a username and password for testing the app. Apparently they didn’t realise they can choose any username and password they like.
Well perhaps next time give the review team a way to login, since they don't know how to use the app?
Google recently turned on new checks that are throwing apps out the store w/o warning. I'm dealing with Google now for an app, and it's worse than anything I've dealt with on Apple's app store. Like usual, anything from Google that requires a human, becomes problematic.
Technically Briar doesn't have any kind of signup process, it's only asking you to choose a nickname and a password that will be used to encrypt the content stored locally (and securely store the encryption keys). The nickname is only an arbitrary label shown to other users (multiple users can have the same nickname, but they'll have a different procedurally-generated avatar tied to the actual unique ID).
You can literally type in anything, since there's no server that validate that info.
There's a multitude of reasons why review teams do not wish to create an account to test your app. Repeat testing is an obvious one, for clutter avoidance (and close relation, namespace pollution issues), email failures, payment barriers, variations between plans and account types, inadvertent secrets reuse, staff unauthorized to accept any additional T&Cs, simple efficiency, the list goes on.
A prepared account for them is no good either. It could be a special account, makes the app work differently and all their review is for a manipulated test scenario.
Allowing the assumption of malice to overwhelm all other concerns is rarely a wise process. There are other equally easy ways to trigger alternative behaviour. This is why review teams invest in static analysis tooling.
I'm sure they are perfectly capable of signing up. But, I'd bet they are expressly forbidden from doing it.
Signups typically involve agreeing to some terms, and you absolutely don't want company employees working their official job duties agreeing to random T&C's.
Why wouldn't the terms and conditions the developer agrees to resolve this problem? i.e. "by submitting this application you grant us a waiver allowing our review team to test your application without agreeing to your terms and conditions"
As I understand it, it's not a signup as such. Account details are stored locally only. It wouldn't make much sense to require signup for an app whose whole point is to be decentralized.
I guess I'd have to operate on the only evidence I have to the contrary: there are thousands of apps with authentication in the Play Store that aren't banned.
I think we all know the drill with walled gardens but if you want a fighting shot of getting in they at least give it their guidelines.
This seems like victim blaming. Removing the app from the play store seems like much too harsh of a punishment for a simple procedural oversight. To me it seems like a more appropriate response would have been to give Briar a 5 day window to supply credentials and leave their existing app in the play store.
To me, it sounds the other way around: how good is a test if the tester can't even figure out something that basic? They might follow some strict scenario, but if it's that inflexible, it still casts doubt on the quality. But yeah, just complying with google's rules seems the easiest way out of this.
It's likely automated, so they wanted to have some data to type (even if it's arbitrary such as this case) in for the automated tester to move forward.
