Google I/O: Android Q aims to bring app permissions firmly under control

Google is capitalizing on Google I/O 2019 to detail how it intends to make Android app permissions and security better in Android Q, which will, in turn, make your smartphone a safer, more secure place for your data.

The biggest change to Android Q’s permissions is the addition of a more targeted system. At the moment, granting a permission in Android is an analog process — you either grant an app storage permission or you don’t. While that makes everything nice and simple, it means that there are no limits on the app where timing is concerned.

In Android Q, you’ll be able to specify that you only want to grant an app permission to access your location data while you’re using that specific app. This means a chat app will no longer be able to access your location data while it’s not being used, but you’ll still be able to send your location to your friend when you need to.

Adding new options to permissions is only the beginning. Google is also asking app developers to find ways around permissions if they don’t need to be used — for instance, by using “Retreiver APIs” to pull relevant data, instead of granting blanket permissions that make users suspicious. Google highlighted how SMS Retrieval APIs can be used to confirm text message confirmation codes without the need to ask for SMS permissions.

There are times when permissions are absolutely required, and Google is also asking developers to make the reasons behind permissions more apparent. Only 18% of Android users allow apps all the permissions they request, and the top reason for denial is that the “app shouldn’t need the permission.” In those cases, it’s on the app developer to explain why it is their app needs these permissions.

Android Q will also be locking down some of your device’s individual indentifiers, including the IMEI, ESN, Build, SIM, and USB numbers. These hardware identifiers used to be available through certain permissions. An Android Q device’s MAC address is also completely randomized when connecting to a different network. Changing the way these elements of Android work significantly boosts user security.

Editors’ Recommendations

  • Here are our favorite features in Google’s first Android Q beta
  • Microsoft Azure Blockchain signs J.P. Morgan for Ethereum smart contract system
  • WhatsApp finally lets you control who can add you to a group
  • Android Q: Everything we know so far about Google’s next mobile OS
  • Potentially malicious WinRAR vulnerability patched after almost 20 years