Manage Android permissions to avoid malware: a practical guide, Play Protect, and useful apps.

  • Turn on and use Google Play Protect for scans, alerts, and resetting permissions.
  • Controls critical permissions: Accessibility, SMS, Notifications, and Overlay.
  • Manage permissions by category and special access from System Settings.
  • Install only necessary apps, update them, and be wary of excessive permissions.
Emmanuel JiménezUpdated on

8 minutes

Manage Android app permissions and prevent malware

It is not common for our Android smartphone to get a virus from installing an application, but there are more and more malware that can be installed Even through Google Play. What's foolish is not preventing this malware when we can do so very easily by learning how to manage app permissions. Controlling permissions reduces real risks.

We've previously discussed the importance of permissions and how to avoid malware. The key was permissions, as we explained in articles about apps have too many permissionsIt's not that we'll be able to avoid all the malicious apps available for Android by focusing solely on permissions, but the truth is that we can avoid most of the ones that can affect users who use Android regularly. What we're going to focus on now is learning more about permissions and, since they're so important, how to get more information about them. More information, better decisions.

Android Viruses

How to see the permissions?

First, we'll look at how to view the app's permissions. As you know, before installing the app, a window appears where we can see all the permissions and, in theory, confirm that we agree with them. However, the truth is that we most likely currently have many apps installed whose permissions we don't know. But we can find out very well thanks to Android's own options. To do this, we just have to go to Settings > Applications > Downloaded, and here, when we click on the app we want to check, we just have to scroll down to find the permissions for that app and check the permissions. types of permits available. Review app by app.

Play Protect permissions and analytics

In addition to the classic route, you can manage permissions by category from Settings > Apps > Permission Manager. Here you'll see which apps have access to Location, Camera, Microphone, Contacts, SMS, etc., and you can grant them only when you use the app, request them each time, or deny them. Settings > Apps with special access You will find key controls such as Show over other apps, Install unknown apps o Access to notifications. Centralizes control by groups.

aSpotCat

Even so, we can take advantage of some of the applications on Google Play that allow us to expand the functions of our smartphone. One of them is aSpotCat. This app only focuses on seeing the permissions of the other applications. The difference is that not only can we see the permissions that said application has, but we can also organize these according to the permissions it has, to see which of them may be more dangerous than others, or which applications are using some permissions that, we have detected, they are the ones that are causing a problem in the operation of the mobile. In addition, it allows us to see what the function of that permission is and how its use affects our smartphone. It is free, although it includes ads, and we can buy it without ads in a premium version that costs a little less than a couple of euros. Ideal for auditing your mobile phone.

Google Play - aSpotCat

excessive permissions in Android applications

Advanced Permission Manager

But we can go a little further. We don't just want information about app permissions, we can also modify them. It's worth mentioning that these functions can be run without root, when this type of application is usually more typical of developers who have created them for rooted terminalsThis is one of the few options for modifying app permissions without root permissions. It does have some limitations, however, as there are incompatibilities with some apps, but since it's the only option, we can't really complain about it. Modify permissions without root in specific cases.

Google Play - Advanced Permission Manager

Manage App Ops Android permissions

F-Secure App Permissions

Now, that's information, and sometimes we may not fully understand the information that apps offer us about these permissions. F-Secure App Permission is capable of giving us much more useful information. Not only does it tell us what each permission is for, but it's also capable of telling us, for example, which apps have permissions that are causing them to consume more battery. Or even which ones are consuming more data than our monthly plan quota. It can be a very useful app, as we can create customized searches and receive more specific data about the apps' functions and remove problematic permissions. Detect apps that consume battery and data.

Google Play - F Secure App Permissions

Finally, we want to make special mention of Permission Friendly App. We can't take what this app tells us as something we should comply with, as some of the apps it tells us aren't malicious. However, try to locate the apps that have the most permissions. If any of these apps have a very specific function that doesn't require most permissions, such as a flashlight app, it could very well be a dangerous app. Use it as an initial radar

Google Play Protect and controls you should activate

Google Play Protect features

  • Preventive analysis: Check apps from Google Play before downloading them and scan your device periodically, including apps from external sources.
  • Alerts and actions: warns you if an app is potentially harmful, and can automatically disable or remove it.
  • Privacy: issues alerts if it detects apps that hide or falsify information and can reset permissions of rarely used apps to protect your data.
  • locks: can prevent the installation of unverified apps that abuse sensitive permissions, which are common in scams.

How to check and activate: Open Play Store > profile icon > Play Protect > Settings > activate Scan apps with Play Protect. In that same panel you can activate Improve detection of malicious applications to submit unknown apps to Google and refine analytics. Keep Play Protect always active.

Device certification and "Device not certified" error: In Play Store > Profile > Settings > About, you'll see the certification status. If the error appears, tap Fix device problem and follow the instructions from that menu. A certified team receives extra layers of security and will help to improve the permit system.

Critical permissions to monitor: accessibility, SMS, and notifications

dangerous permissions on Android

  • Accessibility: Designed for assistance, it allows an app to read what's displayed on your screen and perform actions on your behalf. Only grant this permission to trusted and truly necessary apps.
  • Reading SMS: may expose verification codes. Avoid this except in legitimate messaging or authentication apps and check if an app tries to be default SMS app.
  • Access to notifications: Give visibility to messages and OTPs. Limit it to apps where the value is clear (watches, productivity) and review it in Settings > Notifications > Notification Access.

Manage permissions by category and special access

Manage Android permissions by category

  1. Check SMS, Notifications and Phone: Settings > Apps > Permission Manager > SMS/Notifications/Phone. Deny permissions on suspicious apps.
  2. Screen overlay: Settings > Apps with special access > Show over other apps. Turn off for non-essential apps.
  3. Install unknown apps: Settings > Apps with special access > Install unknown apps. Only allow this for your browser or file manager when strictly necessary.
  4. Accessibility: Settings > Accessibility. Check which apps have the service enabled and disable it if it's not essential.
  5. Automatic reset of permissions: Play Protect may revoke permissions for apps you haven't used for a long time. Review and adjust this by going to Play Store > Profile > Play Protect > Settings > Permissions for unused apps.

Other permissions that should be controlled

  • Camera and Microphone: Enable them only for apps that require them for their primary function. Disable background access whenever possible.
  • Location: "Only when using the app" is preferable. Avoid "Always" except when browsing or tracking.
  • Contacts and Calendar: limits access to tools that provide clear value (communication or real productivity).
  • Storage/Files and Media: use the system file selector and avoid the access to all files except in reliable managers and backups.
  • Body sensors: grant it only to recognized health apps.

Play Protect privacy alerts

Good practices and warning signs

  • Safe downloads: Avoid APKs from unknown sources. If you install outside the Play Store, verify the hash and developer.
  • Update system and apps: Patches close vulnerabilities and reduce the attack surface.
  • Be wary of excessive permissions: A flashlight doesn't need contacts or SMS; a game doesn't need calls.
  • Malware Symptoms: Persistent ads, skyrocketing battery or data, apps disappearing from the launcher, browser changes, antivirus crashes.
  • Take action if you suspect: Uninstall the recent app, scan with Play Protect, revoke critical permissions, restart in safe mode, and clear your browser cache if you see strange redirects.

Tips for managing Android permissions

Android offers a lot of freedom and with it, more entry points If you're not vigilant, managing permissions properly, using Play Protect, and reviewing "special access" make a difference. Keep only the apps you really use, limit permissions to the essentials, and pay attention to system alerts: with these habits, you'll drastically reduce the risk of malware and protect your privacy every day.

control android permissions
Related article:
Control permissions on Android to protect your privacy to the fullest.

Visible battery cycles in Android 14
It may interest you:
4 tricks to know the health of your battery