Understanding App Permissions on Your Phone

Question

Can you explain the dangers of allowing apps to access my contacts, photos, location and other items on my Android phone?

Answer

This question was answered on April 8, 2015. Much of the information contained herein may have changed since posting.

Image courtesy of  Siddartha Thota - https://www.flickr.com/photos/ourcage/The app permissions process on Android phones is very much like the installation process for computer programs for many: overwhelming and confusing.

Why does an app need access to so many things on your phone, like the camera or your contacts in order to work?

The answer to that question can vary widely from a sneaky app developer to the standard disclosure process required by Google.

You may recall last year’s Facebook Messenger permissions controversy that had most of the Internet up in arms.

Taken at face value, the permissions seemed to imply that Facebook could record audio or video at any time, contact your friends without your permission or modify files at will.

As it turned out, the permissions required are more of an issue of how the Android app platform has been setup and many apps required many of the same permissions.

For instance, in order for any flashlight app to work, you have to “allow the app to take pictures and video with the camera” without your confirmation.

This is because the LED on your camera that’s used as the flashlight is part of the camera circuitry and can’t be separated; therefore it becomes an all or nothing proposition.

Technically speaking, if the app can turn on the flashlight, it can take a picture or video as well, so Google’s discloser requirements necessitate the scary sounding permission.

On the other hand, sneaky app developers will overstep the ‘needs’ of the app by including permissions that allow them to generate revenue from ads or through in-app purchases.

In-app purchases in particular can be a big point of exposure if you don’t require authentication in your Google Play store settings (the steps to ensure you do are posted at http://goo.gl/BJRxGl).

Permissions for things like location information, device and app history and contacts are reasonable for mapping, GPS, browsing or social networking apps, but not for games and flashlight apps.

In general, the apps that you want to be the most suspicious of are free apps, as they often exchange use of the app with your personal information or to sell ads.

Understanding this and reviewing the app permissions on everything you install on your phone is certainly the first step, but there’s another thing to consider.

Paying 99 cents for an app that limits it’s required permissions versus using a free app that’s asking for a lot more may be the wiser choice.

As always, if you really don’t need an app, don’t install it.  When you do, take the time to understand what you are agreeing to in order to minimize your exposure.

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on April 8, 2015