14
DEC

Do you know at the time of downloading something from Play or App Store, about 50% of the most popular Android Apps and approx 30% of iOS apps request for your “location” tracking? Around 45% of Android & 25% of iOS request permission for your “device camera”? And the rest for SMS or phone call logs.

But why does an app need to access so many things? To work why so much of data is needed?

It is analyzed that over 2.8 million apps in the Google Operating System seek at least 400 different permissions from the smartphone user.

Android permission is the best friend of an Android Developer. But on the other hand it can sometimes be called the worst enemy too.

Do you remember how many times you have clicked on “I agree” on an everlasting list of “terms & conditions” without scrolling down till the end? If you have done this before, you need to be more careful from now about the negative aspect of Mobile Applications.

At the time when you install some app or a during an app update from Google Play Store, a pop-up list appears regarding all the permission it needs to access. It may include SMS, Phone Calls, Cameras, Media files, etc. which they need to fulfill their functional ability. But very often some permissions are irrelevant to the app we are downloading.

For example,

While downloading a beauty app it is okay for the app to ask permission to access your camera but what does a true caller app need to do with your camera? Permission for location, device & app history, contacts are acceptable for an app like maps, GPS, networking apps but not for games or flashlights apps.

If you notice, they mainly request to access over sensitive hardware data on your device. So, it’s important to be aware of which permission those apps are requesting from you.

Let me give a name to the permission that according to our research is suspicious for you as “Risky permissions”.

Look, Normal Permissions are allowed by default and don’t pose a risk to your privacy. But Risky permissions can access things like your call, contact, messages, files, location, camera and more. For this only, your Androids seek your permission first.

They appear with a long list of permissions with a range of “Terms & Conditions” agreement. And what we all do generally do is just accept without reading the entire list and move to the next step. Skipping these is like you’re blindly handing over your data to an unfamiliar app! However, the latest version of Google’s Android operating system and Apple’s iOS allow users greater elasticity in deciding what permissions to provide to apps.

Now what you need to be alert of are as follows:-

Before installing an app:

  • • Read the permission carefully.
  • • Think of what permissions it requests from you. If you find the permission to be excessive, question yourself and then agree. If it seems to be suspicious then simply “deny” their access.
  • • Go through the privacy policy of the app.

In case you have already downloaded the app:

  • • If you’re using the Android app, you can remove the unnecessary permission simply by going to the Settings menu and click on Permissions. By removing permission that particular app may stop working. Well-designed apps will notify if they need permission when you try to perform the function that is required by them.
  • • In iOS app, it can be removed by going to the Settings menu & click on Privacy.

Just Remember…

App permission is there to warn & protect you. Yes! They are annoying at first with a long list of conditions. But you only need to go through them very carefully before tapping.

Your security is in your own hands. Stay cautious and notified all the time. Somewhere, someone is always trying to hack you. To access the cyber risk of your company and create an ad-hoc plan to manage the risks always conduct a Cyber Security Consultant.



Leave a Comment:

Populer Postes

12 DEC, 2019

A Guide to “What is Clone Phishing?”

Get Exclusive Cyber Security Tips On:

Prevention from damage dealt to an organization’s reputation.

Investments on fixing the issues caused by attack.

Preventing confidential data and Intellectual Property being stolen

Prevention of revenue loss due to service disruption and much more.

Subscribe Now