Most apps on your Android smartphone won’t work without you granting them permission to access certain features or resources, such as your camera, location, or media files.
Some of these access rights are required and useful, while others can pose a threat to your device security and online privacy on your smartphone — reason enough to clarify which app permissions are fine and which are not. Read on to learn how to change the app permissions on your Android device — and how to better protect your smartphone and your data from malicious apps with Avira Antivirus Security for Android.
What are Android app permissions?
As soon as you download an app onto your Android device, it will request various permissions either when you install it or use a certain feature for the first time.
With these Android app permissions, you allow the app to access certain areas of your smartphone. For example, a photo app needs permission to access your camera to take pictures. If you don’t grant it permission, the app won’t work. You may even get two permission requests: One from the app itself and another from the Android system.
Some Android app permissions are required for you to use an app without restrictions. But there are also apps that request many more permissions than are actually required, severely endangering your device security and privacy on your smartphone or tablet — not to mention causing personal data breaches.
Essential Android app permissions
Some app permissions are essential for smartphone apps to do what they’re designed to do. As an example, the Contacts app needs access to your contacts on your smartphone and/or SIM card memory as that’s the only way you can actually call your contacts.
But there are also various additional permissions that are not entirely essential, but simply improve your experience when using your smartphone. Among them, if you allow your route-planning app to access your contacts, you can enter a contact’s address when planning your route.
If you feel you don’t really need to grant such additional app permissions, you don’t have to. Trusted apps will still work — you just won’t be able to use certain features.
Some app permissions can pose a risk
Alarm bells should be ringing if you need to grant a whole raft of permissions before you can even start using an app. Many apps we install on our mobile devices request loads more permissions than they actually need — often compromising our privacy in the process. For example, if a calculator app asks for your location, something really doesn’t add up.
As a rule of thumb, you could say that apps that actually only perform simple tasks should only request a few permissions. So be cautious with rather basic apps when they request a long list of them.
It’s a similar situation with apps that request access permissions to body sensors, the microphone, or your contacts. That’s because such apps tend to land you in the cross hairs of cybercriminals.
You should also be aware that most apps track — often unnoticed — user data such as your IP address, browser history, and your search requests. This data is collected, analyzed, and used to build user profiles which ad companies and marketers can then use to target ads at you.
And then of course there are the many other countless, extremely dodgy apps that can cause tremendous harm if they’ve secured app permissions to access your smartphone. It’s therefore important to know how to manage your Android app permissions to keep access to your smartphone under control.
Security solutions for Android can help improve protection against over-reaching apps
With an all-in-one security solution for Android, like Avira Antivirus Security for Android, you can strengthen your smartphone and tablet’s protection against many cyberthreats and also better limit tracking of your mobile activities. Even with the free version of this multi-feature Android security solution, you benefit from a whole range of tools. These include:
- Regular virus scans check your mobile phone or tablet for possible virus or malware infections, which might occur if you’ve blindly given an app all requested permissions. After all, sophisticated virus protection is an absolute must-have on all your internet-enabled devices.
- With Identity Safeguard, you can check if your email addresses have been involved in a data breach.
- With the permissions manager built into this solution, you can see which of your installed apps have background access to your personal data — and may even be using more permissions than needed.
- And thanks to the encryption technologies in the VPN (virtual private network), which is also included, you can surf anonymously. This can improve your online privacy when using your Android device, especially on public Wi-Fi hotspots — with a 100 MB traffic limit per day.
How to manage Android app permissions on an app-by-app basis
You can set permissions for your Android apps on a per-app basis, although this can take a while depending on how many apps you’ve installed on your device.
In our example, we take a closer look at the AR Emoji app’s permissions, but the process is the same for most apps. And we use a Samsung Galaxy S21 FE 5G and the current Android 13 operating system in this and the following instructions.
- On your Android device, open the Settings app, swipe up and tap Apps, then select the app you want to check and manage the permissions for.
- In the App info screen, you can see at the top which access permissions have been granted. Now tap Permissions to view the app permissions in detail.
- If you want to change the app’s access to the microphone — as in our example — tap that.
- You can then choose whether and when you want to allow this app access to your microphone.
Top tip: Here you can also tap See all apps with this permission and change their access rights, if necessary.
How to manage Android app permissions by permission type
If you want to check which apps have access to a specific permission type in one go, follow these steps:
- In the Settings app, swipe up to Apps.
- Then tap More options (the icon with three dots) in the top-right corner and select Permission manager from the context menu. You’ll now see a list of permission types and how many apps are permitted to access each type.
- To see which apps have access, choose the permission type you want to check. In our example, we’ve selected Photos and videos.
- In the next step, tap the app whose access rights you want to manage for this permission type and specify whether you want to give permission or not.
If you customize app access rights via the permission type route, you will also be offered the option to check all the rights of the app you are managing.
Manage camera and microphone access universally for all apps
You can also manage access to the camera and/or microphone on your device universally — which basically means you can turn the permission on or off for all apps.
- To do this, open the Settings app on your device.
- Tap Security and privacy, then tap Privacy again.
- Turn off camera and/or microphone access by dragging the slider to the left.
Which Android app permissions should you allow — and which should you deny?
There’s no hard and fast rule as to which specific permissions you can or can’t safely allow. That’s why we’d like to take a look again at some of the permission types below to give you a basis to choose individual app permission settings:
- Camera: If you share photos or videos with your contacts and also use social networks for this, these apps naturally need permission to access your camera and/or the Photos app. On the other hand, if you allow rather dodgy apps to access your camera, they could take pictures of you without your knowledge and misuse this personal data to cause harm.
- Microphone: Whether you tell Amazon’s Alexa to do something or send voice messages via WhatsApp, we no longer pay a second thought to granting apps permission to access our microphone. However, there have already been cases where Alexa has recorded conversations without permission being given.
- Calendar: Many also consider giving apps access to our calendar as nothing to be worried about. After all, this permission is very handy since you can use it to keep an eye on events and appointments from a wide variety of channels. However, this makes it easier for some apps to track you, so they can better recognize your habits and preferences.
- Contacts: Granting apps access to your contacts is also a concern with this Android app permission. That’s because apps can use this permission to access both your contact lists on the phone and the contact lists of your social media accounts, which often have less secure security settings. As a result, this permission is often abused for phishing or other cyberattacks.
- Storage: When you allow apps to access your storage, you allow them to download your content, files, and even your messages. All this personal data is worth its weight in gold for data brokers — and in the worst case, it can even end up on the darknet if cybercriminals steal it.
- Body sensors: Apps that have been given access to body sensors can collect all kinds of personal health data — and many share that data with advertisers.
Things to watch out for with Android app permissions
Apps listed in the Google Play Store are rigorously checked. Nevertheless, you may see a rather dubious app there that asks for a lot of unnecessary permissions or even comes bundled with malware.
As such, always check out the reviews in the Google Play Store. In the case of poorly made fake apps, the ratings are usually split right down the middle: 100% dissatisfied on the one side and 100% delighted on the other. When you see such extreme groupings, you can be sure that the five-star ratings are fake to get you to install the app.
If you want to check which Android app permissions your chosen app requires before installing it, go to the app’s listing in the Google Play Store. Tap About this app and then swipe up to App info. Now tap See More next to App permissions to see all required permissions at a glance.
Top tip: In German-speaking countries, you can check free apps with regard to their privacy implications using this site’s quick-check service. The non-profit association iRights e.V., in cooperation with Institut für Technik und Journalismus e.V., checks popular apps in terms of data protection and what permissions they require and whether they contain ads, in-app purchases, or trackers.