Once the change goes into effect in May, apps can only use the permission if their “core user facing functionality or purpose, requires broad visibility into installed apps on the user’s device.” Examples of apps that will be permitted to continue using this permission include file managers, browsers, and antivirus apps that need the data “for awareness or interoperability purposes.” Banking apps, digital wallet apps, and any other app that involves “financial transaction functionality” will get a pass “for security based purposes.”
Apps that don’t have a justifiable use case for the permission risk being removed from the Google Play Store. All developers who want to keep the permission in their apps need to complete a declaration form justifying their use of it. In case you’re worried that developers could still misuse the permission, Google’s documentation clearly states it will come down hard on offending apps, whether they’re new to the Play Store or just updates to existing apps. Google could suspend apps and possibly terminate developer accounts.