Google recently launched a new privacy section called Data Security. Now, however, it appears that the previous security tool, App Permissions, has been hidden from users. Something that makes clear the intentions of the North American giant in order to reinforce the security of our data as users.
Therefore, from now on, Google will only trust the developers and their responsible actions in relation to the Data Security section. The change, however, is not exempt from some risk factors that we will present below. At the same time, here are also simple tips to ensure our safety.
Recommendations based on this change were obtained from Kaspersky experts. The team of experts analyzed the possible risks for users and how the situation could change in the future:
1. The permissions model in Android has become more complex over time. Permissions are now dynamic and are requested while the app is running.
Also, most permission values no longer just include “allowed/disallowed” options, but additional options depending on the permission itself.
For example, “allow only while ordering”, “ask every time”, “not allowed”. This makes it more accurate and reduces the risk of sensitive information being leaked.
2. In general, this Google initiative helps users verify what will happen to their information Type. In addition, it brings more clarity to the understanding of all phases of data processing.
In fact, users also have the possibility to opt out of the application. This is if they consider the data processing to be unreasonable.
3. The ‘Data security’ and ‘Application permissions’ sections check the Google Play Store information that the user must receive before installing an application.
However, users still have the option to manage permissions on their devices from the settings in the Apps section. Also, the apps do not have access to any API or personal data before being installed on the device. Therefore, sensitive information will be protected and kept private.
Four. As to other improvements in the protection of personal data, next steps could include not only controlling app access to sensitive information (such as data received, used, and “forgotten”), but also understanding its future fate (such as storage, transfer to third parties, etc. .). In particular, the key questions are:
- What data an app collects (not just one-time access, but future storage, it must have a purpose).
- Where the application transfers this information: to whom, why and under what conditions.
- An explanation to the user about the data access required for the app to work and what is optional.
- Additional information: whether there is a possibility to revoke or delete the information or the application, and whether the data is encrypted during transmission, etc.
Another practice that can lead to greater protection of user data is to provide more controls to ensure a high level of protection. This is a clear way of processing sensitive information. Here, Google is taking steps in this direction by binding to MASVS (Mobile Application Security Verification Standard).
3 additional tips to strengthen privacy controls:
- It is better to avoid installing browser extensions. That is unless you really need them. Permits must be carefully checked before being accepted. The complete list of permissions is available in the “settings” section → ‘Applications’ → ‘Application management’ → ‘Permissions’ (each brand has its own way of organizing these options).
- Another safe practice is to update your operating system and important applications as updates become available. Many security issues can be resolved by installing updated versions of the software.
- Finally, a viable option is to install a reliable security solution that provides users with some features that allow them to optimize the storage space on their devices. It is also a good alternative for users to view the list of apps installed on their devices. This is in addition to knowing which ones you don’t use, uninstalling them and freeing up storage space on your devices.