The Android operating system that has embedded itself in phones, wearables and even the automotive industry has created unprecedented opportunities for independent developers, in-house engineering teams and software houses that build bespoke software.
The sheer size of its distribution courtesy of its open source roots and value addition to original equipment manufacturers has seen it power and support thousands of businesses with collective revenue attribution in the billions of dollars annually.
To build sticky services, developers interact with various aspects of a user’s mobile device. This access is granted through permissions that must be declared by the mobile application. The user then needs to accept these requests for the application to function as it should, or so the unwritten code goes.
However, with every platform that presents an opportunity for revenue generation and monetisation there are those that will push the limits and exploit access for ulterior motives or to support unethical business practices. There are two ways that this is manifested.
The first is outright red flags that you have most probably experienced when consuming one app or another, whose permission requests do not match with its supposed function. For example a flashlight application asking for access to your location data.
The second is where a developer would have a valid defensible reason for requesting access but thereafter go ahead to abuse the privilege as seen with a number of lending services that infringe on user privacy riding off access to a user’s address book to originate messaging in an attempt to nudge the user toward certain action.
As the platform trustee for Android, Google has from the onset put in place an app approval process whose aim is to check and countercheck, even once live that developers adhere to best practice. In the hunt for returns, legal or otherwise many developers have continued to push on what would be considered agreeable.
To this end, Google has tightened controls around permissions, limiting access to SMS, call logs and address books as the most critical recent action.
The deadline for remedial action has now passed and non-compliant applications are being purged from the Play Store or seeing functionality break. Your favourite banking, taxi hailing or micro-lending app could have been affected.
Legitimate businesses should seek compliance not exception as excellent user experiences will lead to better adoption of services via mobile applications with users confident in their patronage.