One of the things that make owning a smart phone or tablet so appealing is the myriad of apps, both free and commercial, that are available for these devices. Let’s face it, if owning a mobile phone was just about making calls, we would all still be lugging around old Nokias with LCD monochrome displays. Back in the day, you were considered lucky if your phone shipped with one or two basic games, but these days we are spoilt for choice and can experience titles that even consoles of ten years back could only dream of.
It is not all good, however as with all the choices there are also more dangers. A few years back, the only way that thieves could get their hands on your mobile photos or information was if they physically stole the device. Nowadays, everything is connected to the Internet at all times, which has some obvious advances, but also places your privacy at risk. Luckily, if you stick to obtaining your apps from reputable sources, such as the Google Play Store, you are safeguarded from most of the dodgy viruses and malware that is making the rounds, but this doesn’t mean that you can grow complacent.
Apps generally have to ask your permission to access or do certain things with your device, but like the end user license agreement in most software and games, most users tend to skip past it like it wasn’t even there. Unfortunately, doing so can cause you money or even your privacy, so next time you decide to load a new app on your device, you might want to take a closer look at what it wants to do behind the scenes. Of course, reading the permissions isn’t going to help you much if you don’t understand what is actually being requested, so let’s take a look at some of the common ones.
With in-app purchases, a free game can quickly turn into a money sink if you are not careful or if your children get their hands on your device. In-app purchases typically offer you some kind of advantage in the game or application, in return for your hard-earned cash. Since there’s no two-hour trial period like with paid app purchases you should be very careful when pressing anything labeled “buy” inside the game if you permitted in-app purchases.
According to Google this means that the app uses one or more files on the device. While it is reasonable for an app to access images, videos or audio on your device, by granting this permission you are also allowing some other less savory permissions that is grouped along with it. For example, the app can read the contents of your SD card, modify or delete this content and even format the external storage!
By allowing apps to use the SMS feature of your device it means that you might receive text messages, but it also gives the app permission to read your text message, edit your text messages or even send SMS, which may cost you money. If you see an app asking permission for the SMS make sure that it has a very good reason for doing so, as it might end up costing you real money.
Rather Safe Than Sorry
Due to the revamped way that Google Play displays permissions in groups it is possible for apps to make use of other features in the same group through automatic updates. This means that giving permission to the “Contacts/Calendar” group to read your contacts will also give the same app the permission to modify your contacts or send email to guests without your knowledge! Equally worrisome is the “Camera/Microphone” group which allows the app to take photos and videos, record audio and record video. Certainly not actions that you would want to take place without your consent.
Obviously not all app developers are shady, but many people feel that the way Google is grouping app permissions into such broad categories, it opens the system to abuse. At the end of the day you are going to have to be more cautious about what permissions you grant to an app and whether the associated risk is worth what you will receive in return.
Some apps genuinely need certain permissions in order to function correctly, so unless you plan on never using apps again you are going to have to grant permission to some. The key is to be diligent and make sure that the type of permissions requested actually correlate to what the app is about.