Android devices from version 6.0 will soon reset permissions for unused apps

Android devices running at least version 6.0 will have the option to automatically remove their permissions from apps that have not been used for a long time. That’s a feature that was first only for Android 11.

Google states that soon every Android device with Google Play Services and Android 6.0, or API level 23, or higher will receive the function. The feature is enabled by default for apps running at api level 30 or higher, which seems to imply that the feature won’t be enabled on its own on phones with a lower api level. Users will have to toggle that button themselves. Google also reports that apps can request the user to create an exception for that app, for example if it requires permissions, but does not actually need to be opened for it to function.

The feature is for privacy and security. The permissions create a certain risk for the user; For example, accessing a phone’s storage means that an app that has nothing to do with your photos can still do reads and writes to your dcim folder. In addition, permissions can give an app the opportunity to exploit a vulnerability in the system. That may not be a concern at the time of installation, but malware can also sneak into an app at a later date via an update.

In the blog post, Google also explains how the change will affect developers and what code is needed to deal with the new circumstances. Because the update runs via Google Play Services, phone manufacturers are not involved in the ‘roll-out’ and it does not matter whether the phone still gets system updates. ‘Billions’ of devices will thus be given the function. Google does not report exactly how long it takes for an app to lose its permissions, but there is talk of a period of ‘months’.