Streamlining Android Permissions for Enhanced Privacy and Compliance

Android Nov 29, 2024

In today's digital age, data privacy and security are top priorities for app users. At the same time, developers must adhere to strict guidelines set by Google Playstore to ensure their applications align with these expectations. At Halodoc, we prioritize user privacy and trust, and we take proactive approach to optimize permissions in our Android applications, ensuring alignment with the Google Play's standards.

Why Is This Important?

Every time an app requests access to sensitive information, it has a responsibility to ensure that this access is warranted and does not compromise user privacy. This careful approach to permissions reflects our dedication to responsible development, allowing us to deliver a high-quality, privacy-focused product that users can depend on.

The Benefits of Minimal Permission Usage

  • Enhanced User Trust: Users are more likely to trust apps that only request essential permissions, which can positively impact user retention.
  • Improved Data Privacy: Reducing permissions helps limit data exposure, decreasing the risk of data breaches. This is a fundamental aspect of responsible app development and fosters better data protection for our users.
  • Compliance with Google Play Policies: Google Play regularly reviews apps for policy compliance. By proactively aligning our apps with their guidelines, we’re ensuring uninterrupted access for our users.

Evaluating Existing Permissions

Our approach to minimizing permissions began with a comprehensive evaluation of all permissions used across our Android applications. We conducted a detailed audit to assess each permission, mapping it directly to specific app features to verify its necessity.

Developing a Permission Reduction Strategy

Following the evaluation, we categorized permissions into four key groups to streamline usage and maximize privacy.

  1. Needed Permissions with Alternative Approaches: For some permissions, we recognized that alternative approaches could achieve the same functionality with enhanced privacy protection. For example, permissions like READ_MEDIA_AUDIO, READ_MEDIA_VIDEO, and WRITE_EXTERNAL_STORAGE were previously used for media handling. However, by adopting scoped storage and system file picker options, we were able to maintain functionality without requiring broad access to user media files, thereby upholding user privacy.
  2. Permissions no longer needed: We’ve adopted a strategy of regularly reviewing and optimizing app permissions to ensure they remain necessary and aligned with our app functionality. This includes identifying permissions that may become redundant due to feature updates, tool deprecations, or new integrations. For instance, permissions like GET_ACCOUNTS and READ_PROFILE were identified as no longer required due to feature updates and were removed to enhance privacy and streamline data access. By continuously assessing permissions, we can proactively adapt to changes and maintain a privacy-first approach.
  3. Mandatory Permissions: These permissions are critical to the core functionality of the app and cannot be avoided. Examples include INTERNET and ACCESS_NETWORK_STATE, which are essential for enabling network connectivity and ensuring the app’s connectivity-dependent features work seamlessly. Another example is ACCESS_FINE_LOCATION, which is requested for features requiring location access.
  4. Feature-specific Permissions Managed at Runtime: For certain sensitive permissions that are still essential, we opted to implement runtime requests. For instance, READ_CONTACTS supports our "Browse Contact" feature, allowing users to select contacts without manually entering numbers. These permissions are requested at runtime. By requesting these permissions only when users actively engage with the corresponding features, we ensure transparency and provide users with complete control over their data.

By segmenting permissions in this way, we implemented a targeted strategy that balances app functionality with minimal permission usage, ensuring user privacy while maintaining essential app features.

Key Considerations and Solutions During Optimization

While optimizing permissions, we encountered several challenges that required careful consideration and technical adjustments.

  1. Balancing Functionality with Privacy Requirements: A significant challenge was ensuring that core app features remained intact while minimizing permissions. Features like media selection and file handling traditionally required broad access, such as READ_EXTERNAL_STORAGE. To maintain functionality while adhering to privacy guidelines, we adopted alternatives like the system file picker, which allows users to select files without requiring additional permissions.
  2. Balancing Scoped Storage Compliance with Legacy Android Support: Android 10 introduced scoped storage, which significantly limits file access, but it’s not supported on devices running Android 9 (API level 28) and below. To ensure compliance with privacy standards while supporting older devices, we implemented conditional permission requests. We restricted READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE permissions to Android 9 and below, while fully adopting scoped storage for newer versions. Extensive testing across various devices and Android versions was crucial to ensure a seamless experience without compromising privacy or functionality.
  3. Ensuring a Smooth User Experience Without Intrusive Permission Prompts: Minimizing permissions required careful consideration of the user experience. Constant permission prompts can disrupt app flow, so we aimed to prompt users only when necessary, such as when they directly engage with a feature that requires permission (e.g., accessing the camera or gallery). By implementing on-demand permission requests, we reduced unnecessary prompts at app startup and provided users more control over their data, enhancing the overall app experience.
  4. Ensuring Compliance with Frequent Policy Updates: Google Play’s permission policies are regularly updated, which required us to stay informed and adapt our app’s permissions accordingly. This necessitated ongoing reviews and a flexible code structure to accommodate future changes, ensuring that our app remains compliant with evolving guidelines and avoids potential issues with app listing or rejections.

What Changes Did We Make?

Here's a summary of the key changes:

  1. Removal of Media Permissions:
  • We optimized our media access by using the system’s built-in file picker, which allows users to select files without granting explicit read permissions. This means our apps no longer need direct access to the user's photos, videos, or audio files, minimizing data exposure and aligning with best practices for data privacy. We have removed the READ_MEDIA_IMAGES, READ_MEDIA_AUDIO, and READ_MEDIA_VIDEO permissions.
  • To manage media selection more efficiently, we implemented a function that invokes the system file picker without requiring READ_MEDIA_* permissions. Here’s an example of our approach.
  • This function opens a system file picker, allowing users to select files of supported types (e.g., images, PDFs) without requiring any READ_MEDIA or READ_EXTERNAL_STORAGE permissions. By relying on the system picker, we ensure that file access is handled securely by Android’s native file management, further protecting user privacy.

2. Storage Permission Restrictions:

  • Starting with Android 10 (API level 29), enhanced privacy controls eliminate the need for permissions like READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE in most cases. Leveraging these improvements, we restricted the use of these permissions to devices running Android 9 (API level 28) and below. This approach ensures compatibility with older systems while embracing the enhanced privacy features available on newer Android versions.

3. Removal of Obsolete Permissions:
We have removed permissions those were categorised as no longer needed permissions during our evaluation process. This optimization not only aligns with Google Play’s policy but also enhances user trust in our apps.

Best Practices for Permission Usage

  • Conduct Regular Permission Audits: Permissions that were once necessary during the initial development phase may become redundant or outdated as your app evolves. Regular audits of requested permissions help minimize their use, remove obsolete permissions, and keep the app aligned with modern privacy expectations and platform changes.
  • Leverage Runtime Permission Requests: Request permissions at runtime when the associated functionality is needed, rather than at installation. This provides better context for users and increases the likelihood that permissions will be granted, improving the overall user experience and transparency.
  • Request Only Necessary Permissions: Request only the permissions essential for your app's core functionality. Unnecessary permissions can increase compliance risks and lead to user distrust. By limiting permissions to the bare minimum, we can maintain a focused scope, reducing privacy concerns and simplifying adherence to Google Play policies.
  • Adopt Scoped Storage (Android 10+): With the introduction of scoped storage in Android 10, access to external storage has been limited, emphasizing privacy and security. Implementing scoped storage ensures better data handling practices by restricting file access and isolating app-specific data from other apps, improving compliance with Google's privacy guidelines.
  • Follow the Principle of Least Privilege: Grant permissions with the least amount of access required.
  • Provide Transparent Permission Explanations: Clearly explain why a permission is necessary using permission rationale dialogs. Informing users of the benefits and how permissions support app functionality helps establish trust and transparency.
  • Monitor Policy and Platform Updates: Stay informed on updates to Android's permission model and Google Play's policies. Quickly adapt to changes to maintain compliance, enhance user privacy, and prevent app rejections or removals from the Play Store.
  • Test Permissions Across Android Versions: Ensure the app's behavior remains consistent across different Android versions, especially those introducing new permission models. Testing guarantees that the app adheres to changing requirements and continues to offer a seamless experience to users.

By adhering to these best practices, you not only enhance user trust and improve security but also ensure that your app remains in compliance with evolving Android and Google Play guidelines.

Conclusion

At Halodoc, we are committed to continually enhancing data privacy and maintaining compliance with industry standards. By conducting regular audits, staying informed on evolving guidelines, and implementing best practices, we strive to deliver a safer, more transparent digital experience for all users. For further details on Google Play’s permission guidelines, please refer to their official documentation.


Our latest permissions update within the Halodoc apps underscores this dedication. By limiting permission requests to only those essential for app functionality, we aim to foster transparency, build user trust, and meet the highest standards of data privacy and regulatory compliance.

References:

  1. Google Play Announcements on policies and best practices
  2. Photo Picker Guide
  3. Google Play Policy Updates for app compliance
  4. Scoped Storage for limiting broad file access

Join us

Scalability, reliability and maintainability are the three pillars that govern what we build at Halodoc Tech. We are actively looking for engineers at all levels and if solving hard problems with challenging requirements is your forte, please reach out to us with your resume at careers.india@halodoc.com.

About Halodoc

Halodoc is the number 1 all around Healthcare application in Indonesia. Our mission is to simplify and bring quality healthcare across Indonesia, from Sabang to Merauke. We connect 20,000+ doctors with patients in need through our Tele-consultation service. We partner with 3500+ pharmacies in 100+ cities to bring medicine to your doorstep. We've also partnered with Indonesia's largest lab provider to provide lab home services, and to top it off we have recently launched a premium appointment service that partners with 500+ hospitals that allow patients to book a doctor appointment inside our application. We are extremely fortunate to be trusted by our investors, such as the Bill & Melinda Gates Foundation, Singtel, UOB Ventures, Allianz, GoJek, Astra, Temasek, and many more. We recently closed our Series D round and In total have raised around USD$100+ million for our mission. Our team works tirelessly to make sure that we create the best healthcare solution personalised for all of our patient's needs, and are continuously on a path to simplify healthcare for Indonesia.

Tags

Priya Bhat

SDE, Android

Recommended for you