5

How to leverage existing Android privacy changes to increase user trust

 1 year ago
source link: https://medium.com/androiddevelopers/how-to-leverage-recent-android-privacy-changes-to-increase-user-trust-b3a9648b53bd
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client
1*llrOgqgDkd12Qbp5YRT7mQ.png

How to leverage existing Android privacy changes to increase user trust

Learn about privacy best-practices that can boost your app’s quality and popularity!

As part of the Privacy Week for Android Developers, we’ve shared that more than half of US adults have avoided using a digital service due to privacy concerns. Here at Android, we believe privacy is centered around the user. We have added many transparency-enhancing features in recent releases to help users identify which apps are accessing their data and their devices’ sensors, when that access is taking place, and how apps are using that data. As such, it is more important than ever for developers to treat user data with care and only access it when necessary for, and expected by, the user.

This blog explores how you can best leverage these features to strengthen your privacy-first app experience and increase user trust in your apps.

A few highlights from recent releases

Here are a few top privacy launches from recent Android versions …

A timeline showing the 3 most recently-released Android versions and a set of highlighted privacy features in each release

Privacy indicators

In Android 12, Android released the privacy indicators, which show when apps are accessing data from the device’s camera and microphone. Users can click the indicator to easily see which apps are currently accessing their data.

The indicators appear as icons in the top-right corner. When the user taps on the indicators, a dialog appears near the top of the screen that shows which apps are accessing the device’s camera and microphone.

Privacy Dashboard

Android 12 also saw the release of the privacy dashboard — a one-stop shop that allows users to see which apps are accessing data, which permissions apps are using, and when that access is happening.

Users are responding positively — over 40% of users are engaging with the details of app accesses in the privacy dashboard (which later evolved to be part of the new Security and Privacy Hub discussed below). This positive engagement prompted an enhancement in Android 13 to expand the dashboard’s timeline, now showing data accesses and permission requests from the past 7 days.

Graphic showing the relative frequency of location, camera, and microphone accesses, as well as an example timeline showing when apps have made specific location access requests.

Clipboard access

Content copied to the clipboard can contain sensitive information such as emails and even passwords, so Android 12 notifies users every time an app reads data from the clipboard that originated from outside the app via ClipboardManager.getPrimaryClip() .

We took it one step further in Android 13 — the system will automatically clear the users’ clipboards after a certain period of time when sensitive content is detected.

Security & Privacy Hub

Then, in Android 13 we unified security and privacy settings into a single hub, the Security & Privacy Hub. This hub makes it easier for users to understand the privacy and security status of their devices. The hub highlights possible harmful apps, excessive permissions, and other privacy- and security-related topics.

An Android 13 device showing the Security & Privacy Hub screen. The top of the screen shows a summary status, and the bottom of the screen provides links to different settings

How can you increase users’ trust in your app?

With Android’s focus on showing users how their data is being processed and further protecting the data that users care about most, it’s vital to take privacy seriously. It means more than “checking off a box before upgrading your targetSDK” — adopting privacy best practices can help set your app apart from those that don’t.

Let’s go through the best practices:

  1. Minimize your permission requests by using features like the photo picker, to decrease the number and frequency of permission requests. This will prevent your app from getting blamed for access via the privacy indicators and dashboard. Remember that this includes accesses by 3rd-party SDKs as well.
Image showing a few of the available permissionless actions, with a link to the documentation page

2. If you still need a certain permission, make sure to follow best practices by providing in-context requests, showing additional rationale when required, and respecting the user’s decision by providing alternative experiences that don’t require permissions.

List of steps to perform when requesting an Android runtime permission, as explained in the documentation.

3. Leverage the data access audit APIs to track your app’s data accesses, including from 3rd party SDKs and libraries, and look out for access that might seem unexpected to the user. In addition, remove or revoke permissions via the revokeSelfPermissionOnKill()API introduced in Android 13 when they are no longer needed!

4. Avoid privacy-sensitive workarounds, such as discovering installed apps using media metadata. The system will highlight your app for this broad access of user data.

Thanks for reading! Feel free to comment below if you have questions or feedback. For more content during privacy week, follow our @AndroidDev account on Twitter and androiddev on LinkedIn! You can also follow our YouTube channel: https://www.youtube.com/@AndroidDevelopers or subscribe to our Medium and Android Developers Blog pages.


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK