Your Guide to Android Permissions: When to Accept and When to Refuse App Permissions?

Does this message look familiar?

Most apps out there will ask for access to some of the features on your phone the first time you open it. This can be location, camera, microphone, photos, phone calls, messages and more.

Here’s the question: should you always allow Android app permissions?

In this article, we’ll show you why you should think carefully when allowing app permissions and how to manage permission requests on your Android device to protect your data privacy.

What are Android App Permissions?

Almost every time you install an app from Google Play Store, that app will request certain permissions, that is to say, access to some feature of your phone.

In the example above, for instance, we have AccuWeather, a well-known weather app for Android, which requests to use the location on the user’s phone.

• Curious as to how an app will track your location?

Another example of this would be a barcode app that requests permission to access your camera.

Apps can request permissions to just one or even more features on your phone, but while most of the time these permission requests make sense (a weather app does need to know your location), a lot of time an app will request permissions to something that it absolutely does not need to function.

This is why it’s important to know how to manage Android app permissions.

You can learn more about Android app permissions on this page.

How to Find Permissions an App Uses?

Let’s say you want to find all permissions that an app is using.

To do this, you will need to:

1) Open the Settings app on your device

2) Tap Apps

3) Go to Apps in the next list

4) This will open a list of all your apps. Scroll through it to find an app you want to inspect and tap on it

5) Next, tap Permissions

6) Here, you will see a list of permissions for that app. In this case, the app is requesting permissions for location and phone calls. You can see that both permission requests are approved by the blue slider next to them.

7) To deny a permission request, simply tick the blue slider off (to gray) and the app will no longer have access to these features

How to See All Apps That Request a Specific Permission?

You can also go through the app permissions and see all of the apps on your device that have a specific permission.

For instance, let’s say you want to know which apps on your phone have access to location services on it.

To do this:

1) Again, open the Settings app first

2) Tap Apps

3) Here is where the methods diverge. instead of tapping Apps on the list, tap Permissions

4) This will open a list with all permissions on your phone. Below each permission, you can see the total number of apps that request this permission and how many are you allowing

5) Since we are looking for Location tap on it. On this phone, 37 total apps request access to Location, of which 12 are allowed.

6) Now you can see Location permissions and all apps that require it. Go through the list of apps and tick any app that you want to deny access to your phone’s location (the slider should turn gray)

How are App Permissions Categorized?

On Android, permissions are categorized into three groups:

1. Install-time permissions;
2. Runtime permissions;
3. Special permissions.

Let’s take a look at each of these in more detail:

Install-Time Permissions

Install-time permissions allow an app to perform certain restricted actions and give it access to restricted data. These permissions are requested by the app before installation so when they are approved by the user, they are automatically granted when the app is installed.

There are also two sub-types of install-time permissions:

Normal Permissions

Normal permissions give an app access to restricted actions and data beyond its sandbox. However, these interfere minimally with the operations of other apps and present little risk to the user’s privacy.

Normal permissions include:

• ACCESS_NETWORK_STATE;
• ACCESS_WIFI_STATE;
• BLUETOOTH;
• CHANGE_NETWORK_STATE;
• CHANGE_WIFI_STATE;
• EXPAND_STATUS_BAR;
• INSTALL_SHORTCUT;
• INTERNET;
• REORDER_TASKS;
• SET_ALARM;
• Etc.

Signature Permissions

Apps can declare Signature permission. In this case, if one app declares signature permission that another app has already defined and both apps are signed by the same certificate, the permission is granted to whichever app is installed first.

These permissions include, but are not limited to:

• BATTERY_STATS;
• BIND_CALL_REDIRECTION_SERVICE;
• CHANGE_CONFIGURATION;
• CLEAR_APP_CACHE;
• DELETE_CACHE_FILES;
• GET_ACCOUNTS_PRIVILEGED;
• MANAGE_EXTERNAL_STORAGE;
• PACKAGE_USAGE_STATS;
• READ_VOICEMAIL;
• SMS_FINANCIAL_TRANSACTIONS;
• Etc.

Runtime Permissions

Runtime permissions give apps wider permissions to perform restricted actions or access restricted data than install-time permissions do.

This also means that these types of permissions can affect the system and the other apps more substantially and is the reason why they are also called “dangerous permissions“.

“Dangerous permissions” include:

• ACCEPT_HANDOVER;
• ACCESS_FINE_LOCATION;
• ADD_VOICEMAIL;
• ANSWER_PHONE_CALLS;
• BLUETOOTH_CONNECT;
• BODY_SENSORS;
• CALL_PHONE;
• CAMERA;
• GET-ACCOUNTS;
• Etc.

You can check all Android app permissions on this page.

What App Permissions to Look Out For?

To make things a little easier if you don’t want to go through the entire list, here are the permission to look out for:

1. Body sensor – Used by fitness trackers, heart-rate monitors and similar apps. Grants access to the user’s health data. Check out our article on unhealthy data harvesting habits and bad privacy practices from health apps to understand why this can be dangerous;
2. Calendar – With this permission request granted, an app can read, create, edit and delete calendar events;
3. Camera – Grants an app permission to record videos and take photos using the phone’s camera;
4. Contacts – This permission lets an app read, create and edit the contact list on the user’s phone. In addition, it also allows access to accounts on the device, such as Facebook, Twitter, Instagram, etc;
5. Location – An app can access the phone’s approximate location (via WiFi hotspots and cellular base stations) and exact location (via GPS);
6. Microphone – This permission allows an app microphone access to record audio;
7. Phone – An app will know the user’s phone number, mobile network info and ongoing call status. It can also see who is calling, make/end calls, read/edit call logs, use VoIP, or redirect phone calls to other phone numbers;
8. SMS – Allows an app to receive, read and send SMS and to receive WAP push messages and MMS messages;
9. Storage – Grants an app permission to read and write to the phone’s internal and external storage.

How to See What Permissions an App Requests Before Installing it?

You don’t have to install an app to see what permissions it will request.

To check this:

1) Open the Play Store app.

2) Find an app you want to install. For example, we’ll take a look at one QR & Barcode Scanner, so tap that.

3) Tap About this app.

1. 4) On the next page, scroll all the way to the bottom until you find App permissions and tap that to open.

5) Over here, you can see what permissions is the app likely to request. Note that it doesn’t mean that the app will always ask for those permissions.

When is it Okay to Allow Android App Permissions?

Apps need certain permissions to properly function. However, they will often ask for permissions that they don’t need.

Here it is best to use common sense to decide.

Does an app need this permission?

For instance, a weather app like AccuWeather does need to know your location to give you accurate weather. Or, Snapchat will need access to your camera to take photos and videos.

However, if we switch this, does a weather app need access to your call logs or camera and does a chat app really need access to your location?

Probably not.

Be Careful of Permissions That can Change System Settings

There are also certain types of app permissions that can change and override system settings.

These are:

1. Admin privileges;
2. Root privileges.

If a malicious app gets these, it will have super-user privileges and basically, the hacker will be able to do whatever they want with your device.

Admin Privileges

Admin privileges, or Device admin privileges, also Admin rights, allow an app to:

• Change system settings on the device;
• Change the password on the phone;
• Lock the phone;
• Permanently delete all data from the phone.

Root Privileges

Root privileges or root access allow an app “superuser” privileges. This means that an app can do anything it wants, regardless if the permission is already granted or not.

Root privileges are blocked by default on Android.

Conclusion

Apps are there to make our lives easier, not to invade our privacy. Because of this, you need to be very careful what permissions you allow on your Android phone and revoke permissions that the app doesn’t need.

This especially goes for any unused apps on your phone. If you have such, revoke all the permissions it has.

Have you seen our latest CTemplar Android app? The 1.6.0 version includes:

• Button for load blocked images directly on the view screen;
• Better support attachment sending for the latest Android versions;
• Improved email sending flow;
• Improved swipes handling;
• Real-time folder counters update;
• Improved custom folders render;
• Removed custom folder limits;
• Other stability and UI improvements.

Download the CTemplar app from the Google Play Store if you want an app that truly protects your privacy.