iPhone app permissions: The best practices explained

22It’s the 21st century and we have apps for everything. There are apps that can deliver you a full-sized car to ones that remind you to drink water every hour. There are close to 2 million unique apps on the App Store. Each of them asks for different iPhone app permissions required for their functionality.

Well, most people out there don’t read the permissions before installing 3rd party apps. If you are not careful with the permissions you grant the apps from the App Store, you’re basically giving the apps access to all your personal data. Now, before we dive into why it’s important to manage your permissions let’s start from the basics.

What are iPhone app permissions?

App permissions are the privileges an app has access to. The privileges can be anything from viewing your phone contacts to being able to access the camera and microphone.

iPhone permissions – General working

When you first install an app from the App Store, there will be pop-ups asking you for permissions to different functionalities. You will need to approve these permissions to take advantage of those features.

Ideally, apps include the reason as to why they need permission to a particular feature. In a food delivery app, it is critical to have location access, since it needs to detect the location of delivery and a social media app asks for camera access, to be able to take pictures from inside the app. So, depending on the app, the permissions change.

You can deny some of the permissions and still be able to use a particular app, but the functionality of the app may be limited due to this.

iPhone app permissions and their importance

The first and foremost thing to do when installing a third-party app is to read through the permissions before accepting them.

You need to understand the reason behind the permissions an app asks for. It is common sense that if a 2D game is asking for your camera privileges, something fishy is going on in the background.

Trusted app developers usually ask for permissions they require, although it is important for you to know why permission is being asked. If you want to deep dive into an app’s permissions, you can check the app’s data and privacy policy.

Generally, the most commonly used app permissions are the ones for location, camera, microphone, contacts, pictures, files and folders, and push notifications.

Location

Access to your location is one of the most frequently requested permission. This is relevant for most apps because content, app interface, suggestions, etc that you get on a 3rd party app usually differ by location.

You should be extremely wary of who has access to your location. On a scale ranging from being spammed with marketing messages based on the places you visit to actually being followed, anything can happen.

Ways to be wary

• If location permission is a pivotal feature of the app, you can grant access to location such that, the location is tracked only when the app is in use. There is an option in iOS to “allow access only while using the app”.
• Turn off precise location, if you feel the app does not require your pinpoint location. This way, the location being tracked will send out a location that has an error up to 10 square miles.
• When your location is being tracked, a blue circle with an arrowhead appears on the top left corner of your iPhone. Keep an eye out for any irregular appearance of this icon.

Featured Resource

Hexnode iOS Management Solution

Hexnode UEM enables you to set up, deploy, manage, and secure iOS devices in your enterprise by simply unifying all management functionalities.

Download Datasheet

Camera

Permission to camera lets the app use camera to click pictures, record videos, scan QR/documents, etc. With this permission, an app can connect to the phone’s camera without the user’s knowledge and use it for unethical means.

Ways to be wary

• Read up the reason for camera permission, since it usually has a direct connection to the functionality of the app, like a social media app that needs to click pictures.
• In the case of an iPhone, the user is notified when their camera is in use. A green dot appears on the top right corner of the screen.

Microphone

As the name suggests, this gives the app access to the device’s microphone. You need to be cautious because giving away access to your microphone is like giving away access to every conversation you have.

Ways to be wary

• There is an orange dot that appears on the top right corner of your iPhone screen when your microphone is in use.

Contacts

Giving an app permission to access contacts is like handing out your personal phonebook. This consists of names, phone numbers, e-mail addresses, and notes written for specific contacts. This permission is generally requested by apps like WhatsApp to link the contacts to the app.

Databases of contacts with numbers, addresses, and other information can be used to attack an organization, send spam, or conduct phone scams.

Ways to be wary

• Make sure you do not grant access to contacts permission to any non-reputed app. Make sure there is a functional need for contacts in the downloaded app.

Files and folders

Giving permissions to files and folders gives the app access to the data stored on your memory. This can also include documents, pictures, and other files in the memory.

Ways to be wary

• If you use the files on your iPhone to store sensitive information, limit access to just the applications you can trust.

How can we check app permissions?

When you are installing an app onto the device, the permissions that an app requires pops up. All the permissions are also mentioned in the app description, while some permissions are asked when the app is being used. Sometimes permissions are asked when you need to access the part of an app that requires some additional permissions.

If you think you have given permission to an app that you would like to revoke, you can always do this from the Settings app.

To check apps that have access to particular permission:

Let us look at the example of how you can check the apps that have permission to location services. In this menu, you can actually configure when you let the apps use location services.

App-wise permission access

You can also check the permissions that an app has by scrolling past the privacy banner in the Settings app. Select the specific apps, and you can see the permissions it has access to. Let us consider ‘Maps’.

Here you can see the permissions that Maps has access to

App privacy Report

App privacy report updates you on how often apps use the permissions that you’ve granted to access your data. You can turn the Apple privacy remote on by

Corporate devices and iPhone app permissions

When you are working with a corporate device you have to be extra wary. Often corporate devices are managed and users are restricted from installing new apps without approval, but in the case when a user is allowed, he/she should be extremely careful as to what goes on into the device. Since there are important corporate data at stake.

App permissions are a good addition since the user gets to double-check the permissions for any apps and they have the capability to revoke these permissions at any time.

When you are dealing with corporate devices, it is risky to leave the devices unmanaged and app installation unmonitored. It is ideal to take the help of a UEM.

8 things you should know about Apple device management

Blacklist/Whitelist

We can blacklist and whitelist apps, this way corporate can restrict the employees to only use the apps that are specified, or the corporate can block apps that are deemed harmful or unproductive.

Hexnode UEM

UEMs like Hexnode helps secure corporate devices by having superior app management capabilities where the corporate has better control over how users interact with the installed apps.