App Permissions and Protecting Privacy


Many users will have heard about the access apps can have to their devices, and if you install apps on an Android device, you'll immediately see what the app you're about to install can do. This leaves many users justifiably worried, especially as some of the stated permissions are quite opaque-sounding and very difficult to understand. Also, one and the same permission can be used to do different things in different apps. 

Like any other native application, an app built with GoodBarber also requires a number of permissions in order to work properly and offer the best possible user experience. However, the list of permissions required might at first seem somewhat intimidating to you or your users. That's why today we'd like to take the time to explain what permissions a GoodBarber app requires, and the rationale behind every permission.

iOS permissions

The permissions policies of the two main platforms are distinct.
We'll begin with iOS, as Apple's policy is somewhat more straightforward, despite giving the user more flexibility.

When you install an app from the App Store (remember, this is the only way to do so), Apple assumes a number of default permissions that are implied for every single app and don't require explicit consent from the user. For example, the user is assumed to consent to internet access. Furthermore, Apple also cross-checks features with the app's purpose during the review process.

However, some other permissions are not implicitly assumed when the user installs the app. Instead, these permissions are asked for after the app has already been installed, whenever the app wishes to access the feature in question. This means that until permission has been given, the app cannot perform whatever feature it needs those permissions for.

This means that when you install a GoodBarber app, you will be asked whether you wish to grant the app permission to receive push notifications immediately after the first launch. This is because the app should be able to receive push notifications at any point in time. For the very same reason, permission to access location data is also requested immediately, as this is what allows geolocated push notifications to be sent.

On the other hand, permission to access the user's photos is not requested until the user takes an action that triggers that request, such as uploading a photo through a "Submit" section.

These are the permissions that a GoodBarber app will always ask for:

- Send push notifications
- Location data

These are the permissions that a GoodBarber app may ask for, if the user performs an action that triggers them:

- Access to photos/videos
- Login to Twitter

Android permissions

Unlike on iOS, on Android it isn't possible to opt in to specific permissions when you download the app and opt out of others. In the Google Play Store, or when you install the app directly, Google uses a "take it or leave it" approach.

While the list of the permissions that Google presents users with is longer, as it also includes some basic permissions that are not specifically requested by Apple, users notably don't have the possibility to deactivate certain permissions individually. For example, it isn't possible to install the app, but opt out of access to location data.

This is what the permission list of a GoodBarber app will look like if you install the app from the Play Store:

Installing the app from Google Play

This is the complete list of permissions asked by a GoodBarber app:

- Identity: This gives the app access to the profile data of the user. This is what lets us find the user's Twitter or Facebook account, if they want to use those services.
- Location: This includes both the approximate, network-based location and the more precise GPS-based location, if the user has activated GPS on their device.
- Phone: This is what lets users make one-touch calls through the "Contact" section.
- Photos/Media/Files: This lets you choose a file on your device to upload through the "Submit" section.
- Wifi Connection Information: This lets the application know whether there is a connection to be able to download content.
- Device ID & Call information: We use this to be able to send push notifications. We only see an internal device ID that's attributed to every device, so there's no way for us to be able to identify any individual users.

Downloading the .apk file directly

For the very same app, interestingly, the permission list isn't exactly the same if you directly download the .apk file elsewhere than from the Play Store, for example when you test your app before publishing it. This list is more detailed than the list in the Play Store. This is probably because Google wants users to be especially cautious when installing (as yet) unapproved apps, as these can include malware if they're downloaded from unknown sources (not if they're downloaded from GoodBarber, obviously). This is what the permission request page looks like in this case:

As you can see, this list is somewhat more detailed and contains a few points the list from the Play Store doesn't. In fact, if you don't know what they're for, they can sound a bit worrying. So let's have a look at the permissions mentioned here, but not mentioned in the Play Store:

Modify or delete the contents of your USB storage and Test access to protected storage: These sound very suspicious, but in fact all they mean is the possibility to store content of the app locally, rather than retrieving the content from servers every time. This has two important advantages: The app is much faster, and content that has been previously retrieved can be accessed when the user is offline.

Prevent phone from sleeping: This permission is needed to allow uninterrupted video playback in the app without the phone going to sleep, as it normally would.

Control vibration: This ensures that the phone can vibrate upon receiving a push notification.

Draw over other apps: Again, a permission that sounds very opaque to most users. The reason it's used in GoodBarber apps is to show message boxes (such as "Save the picture in the gallery?"), as well as for push notifications.

It's what you make of them

Many users are justifiably concerned about the access that they may grant apps by installing them. What's important to keep in mind is that permissions should be justified by the app's features. An app that asks for fewer permissions, but doesn't actually need them, is more worrisome than an app that asks for a large number of permissions with good reason to do so.
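
The rule that every permission should be justified by a feature can be checked mechanically against an app's manifest. The following is an added example, not GoodBarber code: the manifest, the feature names and the permission-to-feature table are constructed for illustration, pairing standard Android permission constants with the rationales given above.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest for illustration (not a real GoodBarber manifest).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.demo">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
</manifest>"""

# Hypothetical table: permission constant -> feature that justifies it,
# following the rationales in the article. Feature names are made up here.
RATIONALE = {
    "INTERNET": "content_download", "ACCESS_WIFI_STATE": "content_download",
    "ACCESS_COARSE_LOCATION": "geolocated_push",
    "ACCESS_FINE_LOCATION": "geolocated_push",
    "CALL_PHONE": "contact_call", "GET_ACCOUNTS": "social_login",
    "READ_EXTERNAL_STORAGE": "submit_upload",
    "WRITE_EXTERNAL_STORAGE": "offline_cache",
    "READ_PHONE_STATE": "push", "VIBRATE": "push",
    "SYSTEM_ALERT_WINDOW": "push", "WAKE_LOCK": "video_playback",
}

def declared_permissions(manifest_xml):
    """Return the android:name of every permission the manifest requests."""
    root = ET.fromstring(manifest_xml)
    tags = ("uses-permission", "uses-permission-sdk-23")
    names = (n.get(ANDROID_NS + "name") for t in tags for n in root.iter(t))
    return [name for name in names if name]

def audit(manifest_xml, enabled_features):
    """Sort requested permissions by whether an enabled feature explains them."""
    report = {"justified": [], "unneeded": [], "unexplained": []}
    for full in declared_permissions(manifest_xml):
        prefix, _, short = full.rpartition(".")
        feature = RATIONALE.get(short) if prefix == "android.permission" else None
        if feature is None:
            report["unexplained"].append(full)   # no documented reason at all
        elif feature in enabled_features:
            report["justified"].append(full)
        else:
            report["unneeded"].append(full)      # reason exists, feature is off
    return report
```

Running `audit` with the set of features a given build actually ships separates permissions that need a written rationale from those that should be dropped from the manifest.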

Unfortunately, the descriptions of some of the permissions might also be a bit misleading for some people.

We'd like to hear your opinion on iOS and Android permissions: Whose approach do you prefer: The thorough information, but "Take it or leave it" approach of Google, or Apple's approach, where you might be less informed but get to keep more control yourself? Let us know in the comments!