During Google I/O last week, another feature caught my attention, one that I have written and, yes, complained about, a few times in the past: app permissions on Android. In the last few releases, app permissions on Android have been an all-or-nothing deal: if users didn’t want to grant a specific permission, their only option was to not install the app. Additionally, permissions were/are grouped into categories, which occasionally granted apps more access than they needed or that users wanted them to have.
Just as an example, take this discussion I had with the developer of a hiking app. The gist: the app needed to ask for permission to access contacts for its “invite friends” feature, certainly not the main focus of the app, though one crucial to growth. Yet because I was not willing to grant unlimited access to my contacts, the app lost a user and potential customer.
@Hagit If you never access ‘Invite Friends’ feature we don’t access your contacts. Unfortunately Android doesn’t let us ask selectively.
— AllTrails.com (@AllTrails) November 24, 2012
When Facebook Messenger rolled out last summer, there was a lot of discussion regarding the depth and breadth of permissions it required and many users felt the app was too invasive. The Wall Street Journal and Facebook pointed the finger at Android. “Much of the problem, Facebook says, is due to Android’s rigid policy on permissions. Facebook says it doesn’t get to write its own, and instead must use generic language provided to them by Android. The language in the permissions “doesn’t necessarily reflect the way the Messenger app and other apps use them,” Facebook wrote.”
The bottom line is that permission groupings and the all-or-nothing approach was bad for users and for developers. I wrote about permissions being an additional step on the app download conversion funnel, one where many potential users turned away.
Which is why I was really excited to hear Dave Burke talk about upcoming changes to permissions in the upcoming release of Android, the yet-to-be-dessertified M. While not a glamorous feature, that perhaps get a rousing round of applause, app permission changes are probably relevant to every developer in the audience. Why? Because the new permissions have two different aspects: pre-download and post-installation.
First, permissions will be limited to a smaller set of device and information access. Hopefully this will make permission requests less confusing.
Second, apps will ask for permission the first time a user uses a feature instead of during installation. No permissions will be required upfront, but only when permission to access that feature or information.
Third, users can revoke an already granted permission in an app, even after it has already been used. Granted, for contacts this can be like closing the barn door after the horses have bolted (i.e. contacts uploaded) but for other aspects, such as the phone’s camera, rescinding permissions makes sense. This can be done by looking at permissions granted to an app and by seeing what apps were granted specific permissions.
Finally, with the new model, app updates that require additional permissions won’t encounter user resistance as they do today because the new permission won’t be requested until the user uses the feature that needs it. So if the developer added a “share with friends” feature that requires access to contacts, the user will have the option to allow or deny that request at the moment they want to share. If not, the user can continue to use the app as before.
As Mr Burke said, users will not have to agree to permissions that don’t make sense to them in order to use an app. Perhaps their use will be limited, but at least they will now have that option. Users will have less friction when downloading an app and faster onboarding when using the app. Faster engagement means less chance that a user will uninstall the app and a higher chance that they will use it more than once, making developers happy. All in all, I see this as a change that will benefit both users and developers and look forward to seeing it in the wild.