Android app permissions need to be much clearer

Android apps need to communicate the security permissions they require clearly, not in the form of arcane incantations that the masses cannot possibly understand.
Written by Adrian Kingsley-Hughes, Contributing Writer

As we've slid from the era of the PC into a post-PC age, it's easy to think that everything is rosy in the mobile world. But its not.

I'm looking at you, Android.

Don't get me wrong, I like Android. I really do.  It's not my mobile platform of choice, but mostly that's because I settled on iOS back in the days of the iPod touch and sort of stayed there. I like the Nexus hardware, and I'm especially fond of the Kindle Fire HDX, preferring it to my iPad. But there's one aspect of Android that I think is totally user-unfriendly — and that's app permissions.

App stores for Android devices show you what permissions an app requires to be able to run. The idea is that this helps the end user make an informed choice as to the apps they install. In theory this allows you to spot nefarious apps that might be pilfering your contact details or indulging in other forms of mischief.  

But, and the old adage goes, the difference between theory and practice is that in theory it works, but in practice it doesn't.

The reality is that Android app permissions quickly decend into arcane incantations. Take a look at this entry for an app in Amazon's app store (the store doesn't matter, you see the same sort of spells in Google's app store too).

Android app permissions

You or I might know – or know how to find out – what this stuff means, but there are millions of users out there who don't. And as more and more people take their personal devices into their workplaces and connect them to the business infrastructure, this is going to put increasing pressure on endpoint security to keep things secure. Getting users to be vigilant is the first line of defense, but you can only ask them to do that if the information they are being given is understandable.

I'd like to see Android address this. I know that creating security and error messages that are comprehendible is not easy – and it's something that even Microsoft and Apple haven't fully perfected, but if app stores are going to bubble this sort of information up to the surface for the masses to digest, then more needs to be done to make it accessible.

Editorial standards