App permissions explained: Which ones should you allow?

Usually, you can review app permissions in the app store before downloading an app. An app permission request also pops up on your screen once you install and open the app for the first time. You can then enable the app to have requested permissions all the time, only when the app is in use, or never.

App permissions are necessary for different reasons:

• App functionality. Most apps need specific permissions to function. Your messengers require access to your contacts to send them a message, your camera requires access to your camera and microphone to do recordings, and your navigation app needs to access your location to provide the best route suggestions. If you don’t grant the required permissions, the app will not function as intended or will keep asking you to enable the permissions whenever you try to use it.
• User experience. Some phone app permissions are not crucial, but they can improve your experience on the app. For example, your fitness app may ask for your location to track the distance you walk or run daily.
• Security and privacy. If apps got access permissions by default, it could compromise the security of your device. So app permissions are like a failsafe if you download a suspicious app. If you set app permissions correctly, they can prevent apps from accessing unnecessary data and spying on you.

While app permissions are necessary, sometimes apps request permissions that they don’t need and shouldn’t have. For example, a calculator app may want to access your contacts or photos. If you enable access, you may give your data over to spyware in disguise.

There’s no universal rule for which app permissions you should always allow or deny.

Different permissions exist for various reasons. One app may need specific permission to function, while another may request the same permission to collect and sell your data.

However, some app permissions enable access to more sensitive data than others, so they deserve a closer look.

(iOS and Android app permissions may be named differently, depending on the version of your operating system.)

Camera

If an app accesses your camera, it can take pictures and record videos. Some apps may misuse this permission to access your camera without your knowledge and invade your privacy.

Only grant access to your camera to trusted apps that genuinely require camera functionality, such as your camera app.

Sometimes camera requests make sense for other apps too. For example, social media apps may need it for video calls or posts, while other apps may require it to scan QR codes. But if you need help determining whether you trust the app enough, you can always grant access to your camera only when the app is in use.

Microphone

If you feel like your phone is listening in on you, you may want to inspect which apps can access your microphone. Apps with microphone access can record audio. Some apps may abuse this access to capture your conversations without your consent.

Always verify that the app requires microphone access for its intended purpose. It makes sense to grant microphone access to messengers for making calls, cameras for recording video sound, or apps you command with voice. But if you don’t see an apparent reason an app wants to access your microphone, stay on the safe side and deny the request.

Files and media

Apps with access to your files and media can read, modify, or delete the content on your device, including your sensitive files, photos, and videos.

For example, your photo library may need file and media access to sort and preview your photos, while security software requires it to scan your files for malware. Some apps, such as your browser, may also need this permission to save files to your device.

Do all apps need access to your files? Most likely not. So consider denying access to your files and media to most apps, especially if it seems irrelevant to their primary function.

Location

Apps with location access can track your device’s location using GPS or other positioning methods. It’s crucial for maps and navigation apps, but many other apps request access too.

You may share your location with your friend on Facebook Messenger from time to time, but do you want Facebook to know where you are at all times?

Some companies can use location access for personalized advertising, tracking, and selling your location history to third parties.

Moreover, if you let an app record your location history and cybercriminals breach that app or hack your account, they can quickly figure out where you live, work, and hang out with your friends.

Your location is sensitive data, so always be cautious when granting location access to avoid app tracking.

Contacts and call logs

Granting access to your contacts and call logs allows apps to read and manage your phonebook and see the history of your calls.

Contacts and call log permissions are usually intended for apps you use for calling and sending messages, but many other apps would love to access this data too. After all, malicious apps could misuse this access to collect information about your communication patterns and later use the harvested data for phishing attacks, spamming, or other fraudulent activities.

Review your contact and call log permissions to avoid compromising your communication data and the phone numbers of your loved ones.

Special access

Apart from the usual app permissions, some software may request special access. Essentially, this access includes several different permissions, such as:

• Access to all files
• Appear on top
• Ignore the “Do not disturb” mode
• Change system settings
• Use mobile data when data saving mode is on
• Install unknown apps
• Control Wi-Fi

It’s “special” access for a reason – most of these permissions control how your phone behaves, and a malicious app with such access could wreak havoc on your device.

Adware with notification access could bombard you with ads, and fake apps with access to all files could collect a goldmine’s worth of personal data. Not to mention apps with permission to change system settings or install unknown apps – they could download malware and mess with your device.

Usually, apps request access to individual special permissions. For example, your keyboard app may need permission to appear on top so that you can use the keyboard on many different apps. But always be careful with special access permission and grant it only to the apps you trust.

Other permissions

Any other app permission can become dangerous if a malicious or vulnerable app can access it. For example, you may not consider your step count confidential information, but permission to access body sensors can reveal sensitive health data. Meanwhile, access to nearby devices can aid cross-device tracking.

Like with terms and conditions, many people skim the app’s permission requests and agree to everything the app asks for. But some apps have questionable privacy practices, so it’s a security and privacy-threatening choice.

The risks of allowing app permissions include the following:

• Identity theft. Some permissions may enable apps to access personal information, such as your name, home address, email address, phone number, and date of birth. Criminals behind that app could use your personal information to commit identity theft or other fraudulent activities.
• Personalized attacks. Online scams are much more effective when personalized, so app permissions revealing your data can help hackers create convincing phishing and social engineering attacks.
• Location tracking. Apps with location access can discover your home or work address and know your whereabouts at any time.
  • Marketers could misuse your location information for profiling and advertising.
  • Hackers could use it for vishing, smishing, or other scams.
  • Criminals could use your address to plan a robbery when you’re away.
  • Data brokers could collect and sell your location data to the highest bidder.
  • Anyone with a grudge could use it for swatting attacks.
• Malware. Apps with special permissions can download files, including malware, to your device. Malicious software can then take over your device, request a ransom, or spy on you.
• Data leak. Any data that apps access is at risk of being breached or stolen. A data leak can happen because of an outdated operating system and app or other vulnerability on your device.
• Compromised privacy. Most data on your device is private, so apps accessing it for no good reason compromise your privacy.

Here are some things you can do to avoid enabling dangerous app permissions.

• Read app reviews and descriptions. Before you install an app, read reviews from other users to see if anyone has reported suspicious behavior or excessive permission requests. Moreover, check the permissions the app needs in the app store description. If something seems fishy, it may be best to look for alternative software.
• Review the permission requests carefully. When installing or updating the app, review the permission requests again. It will help you understand what data the app plans to access.
• Allow necessary permissions only. Always consider which permissions the app needs to function. If an app requests access to a feature or data unrelated to its functionality, deny that permission.
• Pay special attention to the special access. Be careful deciding which apps should be allowed to modify system settings – it can affect the functionality of your device. Grant this access only when it makes sense for an app to have it and only to trustworthy apps.
• Take care of your app security. Install updates and security patches, so hackers won’t have time to exploit app vulnerabilities. It’s especially crucial for apps with special access or other dangerous permissions.
• Don’t underestimate big-name apps. Well-known apps usually give the impression of being safe to use, but don’t skip analyzing their permission requests. The apps you least expect can be the worst apps for your privacy.
• Audit your app permissions. Regularly check the permissions you’ve granted to apps on your device and revoke or change app permissions that you no longer feel comfortable allowing. If you haven’t paid much attention to app permissions before, now is a good time to audit installed apps.