Android App Permissions and How to Manage Them

welcome screen

With one of the highest smartphone penetration rates all over the world, Singapore runs on mobile. We use apps for pretty much everything these days.
Since apps provide us with so much utility, they also make use of our phone’s hardware and storage resources.
Unconsciously tapping away ‘Allow’ before we want an action to be done through an app is where we need to pause a little and think- Allow what, deny what.
We have at least some control over it, thanks to Android’s guidelines to app developers to ask for permission before they can use any of it.

2018 had been a year of privacy controversies hitting the tech bigwigs. It has brought the issue of app permissions, which we generally overlook, to our attention. So, knowing about app permissions and managing them becomes essential today.

No android app can use your contacts, SMS facility or your camera, etc. without you allowing it. The permissions invoked when you launch the app now, unlike older times when such permissions came during the installation.
Today’s apps should still be able to work when you deny them the permission for some specific action, without some services, that is. If you still request the action, it will again ask for the approval. For example, your payment app wants to make use of your contacts, you deny it first, but when you wish to send money to someone in the contact list later, it will ask you for your permission again. If you still deny it, you will not be able to use the facility, but other services may still be available to you.

Here’s a look at all your app permissions for your Android phone. The screenshots are from Android 8.0 Oreo device and are similar the older versions.

app permissions

  • Body Sensors: allows your fingerprint data, health data like heart rate, step count.
  • Calendar: allows the app to add, delete or edit events.
    You would not want to divulge personal events like your doctor’s appointment to any app.
  • Camera: for taking pictures and videos, scanning QR codes. Make very sure the app needs it to function.
  • Contacts: allows access into your contact and address book for reading and editing contacts. Having malicious people send phishing, and other spams from your id are scary.
  • Location: for know your location through GPS and to offer localized services or meaningful ads. Some stranger knowing exactly where you are and when makes you 200% more vulnerable.
  • Microphone: for audio related function. Losing control over your mic would be crazy.
  • Phone: allows access to phone number and network. Used for making calls and editing call logs. These days everything is linked to our phone numbers even sensitive banking detail too making us susceptible to harm.
  • SMS: allows to read, send and receive SMS/MMS. And you don’t want malicious apps spying the content or sending out spams.
  • Storage: allows reading from and writing into your phone’s memory.

There were a couple of additional permissions too which are more private and rarely requested by apps like car information and reading instant messages.


Managing App Permissions:

Permission once given is not permanent, and you can choose to revoke them anytime you want.
There are two ways to do this.

One, If you want to holistically look at which all apps make use of what components of your phone you can go into your Android Settings and look for Apps and Notifications. After tapping on App Permissions, it will list all categories with the number of apps mentioned. You can tap on the category and look at which apps are making use of that category and change that status.

Two, you can go for an app by app basis by choosing App Info from the Settings Menu. Choose the app for you want to manage the permissions. It lists the permissions that requested and you can change their status.

Next time, while tapping on ‘allow,’ always be aware of what the app wants to get done and will it need access to the elements it is demanding?
For example, Instagram will need your camera and microphone to allow you to upload pictures and videos, but it requesting your contacts or SMS is not necessary, and you can deny that.

When you wish to install an app, credible developers always explicitly mention all the permissions that the app needs in the description of their Google Play Store.

And, always remember these permissions are not permanent and can be withdrawn anytime you want. To be safe, avoid any unreliable apps which demand unnecessary permissions.

Happy and safe surfing!