All You need to know about Best Practices for Android App Permissions
It all started with the advent of Marshmallow or Android 6.0 when the search engine giant Google offered additional control to the Android device users regarding an Android app’s access to capabilities or information aka permissions. In other terms, the user can control what type of data an app can access after installation from phone memory. Google’s permission-related new approach has brought a radical change in Android app development. App permissions are aimed to protect sensitive information stored in a device through restricting the access.
Types of app permissions
Android 6.0 and upper versions have the app permissions available as Body sensors, calendar, camera, contacts, location, microphone, phone, SMS, and storage, and the developers have to keep them in mind while building the app for these versions.
Impact of app permissions
App permissions act as a double-edged sword in the domain of Android app development. On one hand, they are necessary for ensuring a smooth functioning of an app, and on the other hand, they are inversely proportional to the number of downloads. It is noteworthy that asking for fewer permissions lead an app to more downloads. One study has revealed that users are 3 times more likely to download the app with fewer permissions requests as compared to the app that requests more permissions.
The user’s approach of downloading apps that require less permission has brought the downward trend for permission requests. A recent Play Store analysis showed that Android app developers tend to reduce permissions after publishing their apps, which clearly suggests that they may be exercising more caution in declaring permission groups.
In brief, the number of necessary permissions plays a vital role in deciding the number of app downloads. Let’s go through a few of the best practices for app permissions.
App permissions best practices
Permission requests protect the sensitive information by restricting access. Only the information necessary for proper functioning of an app is accessible thanks to app permission requests.
Here is a quick list for the app developers while integrating Android permissions in the customized app:
1. Use the necessary permissions ONLY
System intents, backgrounding for phone calls are a few alternatives to get what you need for the seamless functionality of an app. Such alternatives can eliminate the requirement of depending on sensitive information and help you reduce the number of permission requests.
For example, if you develop an app that targets Android 4.4 or higher version, it has an automatic access to external storage directory, and you need not request the READ EXTERNAL STORAGE and WRITE EXTERNAL STORAGE permissions. MediaStore.ACTION IMAGE CAPTURE and MediaStore.ACTION VIDEO CAPTURE are two system intent action types for capturing images and video respectively without directly using the smartphone camera. You don’t require the permission for using the camera as the system intent will ask for the permission of using the camera every time on your behalf.
2. Consider library permissions
During Android app development process, at times, you use libraries, and permissions are required by the libraries. For example, libraries related to ad and analytics may need Location or Identity permissions groups. But the user considers it as your app’s permission request. It is, therefore, advisable to review your libraries and select third-party SDKs that do not use unnecessary permissions. You should care for the permissions the libraries require and their ultimate use.
3. Transparency is MUST
It is better to keep the objective behind making permission request for the specific access clear so that the app users can make informed decisions. You can consider putting this information alongside the permission request. A research revealed that users feel less uncomfortable with permissions request if they have a clear idea about why the app needs them.
In other words, if they know the purpose associated with a specific permission, they can willingly give permission.
4. Explicit system access
How about giving a continuous indication about accessing sensitive capabilities like the camera or microphone to the user? Well, explicit system access can make it clear to the users when you are collecting the data through access. It helps you keep your users away from any wrong perception regarding data collection.
Android app development is thriving and at the same time, becomes a highly competitive domain. Such best practices regarding app permissions can help you build the trust among your app’s users and you can get more and more downloads for your app as an outcome.
As a developer, you should keep these notable tenants in mind during Android app development to get the most from a green robot!
Happy app development!