Auto-Reset Unused Android App Permissions for Billions of Devices
Reading Time: 2 minutes

The search giant on Friday announced it will auto-reset unused Android App permissions for billions of devices running Android versions 6 and above.

The plan will be executed later by the end of 2021, it will be activated for Android phones with Google Play services running Android 6.0 (API level 23) or higher. Android 6.0 Marshmallow was released by Google on October 5, 2015.

Google launched Android 11 earlier last year, with permission auto reset option. An effort made by Google to improve user privacy by automatically resetting an app’s permissions to access sensitive features like storage or camera if the app in question is left unopened for a few months.

Google in a blog post said, “Some apps and permissions are automatically exempted from revocation, like active Device Administrator apps used by enterprises, and permissions fixed by enterprise policy.” Though the auto-reset permission feature will be turned on by default, the new features will have to be enabled manually for apps targeting API levels 23 to 29.

The rollout is expected to be completed in the first quarter of 2022.

Current Behaviour

  • Permissions are automatically reset on Android 11 (API level 30) and higher devices.
  • Permissions are reset by default for apps targeting Android 11 or later. The user can manually enable auto-reset for apps targeting Android 6.0 (API level 23) or later.
  • Apps can request the user to disable auto-reset for the app.

New Behaviour

  • Permissions are automatically reset on the following devices: 
    • Devices with Google Play Services that are running a version between Android 6.0 (API level 23) and Android 10 (API level 29) inclusive. 
    • All devices running Android 11 (API level 30) and higher devices. 
  • No change from the current behaviour
  • No change from the current behaviour

The changes are part of the recent user-facing privacy and security features Google released in recent months. Earlier the company said, it aims to disallow users from signing in to their Google accounts from Android devices running versions 2.3.7 or lower starting September 27, 2021.

Related Articles:
Malware Attack on the Aviation Sector Went Unnoticed for 2 Years
Urgent Apple iPhone Software Update Issued to Tackle Critical Spyware Vulnerability
KrebsOnSecurity Under Meris botnet Attack