As Ars mentions, Google maintains that these apps are not properly checking the context of the autofill. Android's digital asset links is a secure way to verify that an app is associated with a specific web domain. As a password manager, you need to use these links to validate that the Android app you're autofilling into matches the domain that you're autofilling into.
If they don't do that, they are effectively leaking your credentials through negligence. Recommend staying far away from the ones that dismissed this issue as wontfix.
If they don't do that, they are effectively leaking your credentials through negligence. Recommend staying far away from the ones that dismissed this issue as wontfix.
https://developer.android.com/reference/android/service/auto...