How to Manage App Permissions on Android
Every app you install asks for something. Some of it makes sense. A camera app wants the camera. A maps app wants your location. But a lot of apps ask for more than they need, and once you tap Allow, that access tends to stay on until you go looking for it. The good news is that Android gives you a single place to see and change all of it, plus a few tools that quietly clean up after apps you forgot you had. This is how to use them, what each setting actually does, and which permissions are worth being paranoid about.
Where the permission controls live
There are two ways into permissions, and they answer different questions.
If you want to see what one specific app can do, go to Settings > Apps, pick the app, then tap Permissions. You will see what it has access to and what it has been denied.
If instead you want to ask "which apps can use my microphone?", you want the Permission Manager. On most phones that is Settings > Security & Privacy > Privacy > Permission Manager. The wording shifts a little by brand. Samsung and some others tuck it under a slightly different menu, and you can usually just type "permission" into the Settings search bar to jump straight there.
The Permission Manager groups everything by the type of access rather than by app. Tap Camera, for example, and you get a list split into apps that are allowed, apps that may ask, and apps that are denied. It is the fastest way to spot the app that has no business reading your contacts.
What "Allow only while using" and the other options mean
For the sensitive permissions, location, camera and microphone, you are not stuck with a simple yes or no. Tap one of these inside an app's permission screen and you get a short list of choices. They matter, so here is what each one really does.
- Allow all the time (location only): the app can check your location even when it is closed and running in the background. Reserve this for things that genuinely need it, like a fitness tracker that records a run.
- Allow only while using the app: access works when the app is open and on screen, then shuts off when you leave it. This is the right default for almost everything.
- Ask every time: the app gets a one-off grant for the current session and has to ask again next time. Good for an app you trust only occasionally.
- Don't allow: the app never gets it. Some apps will nag or refuse to open a feature, but most keep working fine.
For location there is one more switch worth knowing. Use precise location can be turned off, which hands the app a rough, area-level fix instead of your near-exact spot. A weather app or a news app does not need to know which room you are in. Approximate is plenty.
The Privacy Dashboard shows who used what
Settings can tell you what an app is allowed to do. The Privacy Dashboard tells you what it actually did. Find it at Settings > Security & Privacy > Privacy > Privacy Dashboard.
It opens on the last 24 hours and draws a simple chart of how many apps touched each sensitive permission. Tap Camera, Microphone or Location and you get a timeline: which app, and roughly when. A recent Google Play system update added a 7-day view, reached through the three-dot menu in the corner, so you can spot a pattern rather than a single moment.
This is where you catch the surprises. An app you only open to read the news showing up in the microphone timeline at 3am is a real signal. Maybe it is harmless background behaviour, maybe it is not, but at least now you can go revoke it and see if anything breaks.
The green, orange and blue dots
You do not always have to dig into a menu. Android shows a small indicator in the top corner of the screen the moment an app reaches for a sensor.
- A green dot means the camera or microphone is in use. It starts as a little chip that names the access, then shrinks to a dot while it continues.
- An orange or green mic icon appears specifically when the microphone is on.
- A blue dot or location icon shows up when an app is pulling your location.
If you swipe down from the top while a dot is showing, you can tap it to see exactly which app is responsible. Seeing the green dot light up when you have not opened anything that should need the camera is one of the clearest warnings your phone gives you. Do not ignore it.
Let Android clean up apps you have stopped using
Permissions you granted a year ago for an app you no longer open are pure risk with no benefit. Android handles this for you if you let it.
The feature is called auto-revoke, and it works on basically every modern phone (Android 6.0 and up). If an app sits unused for around three months, the system pulls back its permissions, stops it running in the background, and clears its temporary files. The next time you open the app, it simply asks for what it needs again.
You can check or change this per app. Go to Settings > Apps, pick the app, and look for Pause app activity if unused. It is usually on by default. There is a genuine tradeoff here worth flagging. For an app you rarely open but still rely on, say one you use once a season, having its permissions and notifications quietly switched off can be annoying. If an app keeps losing access and you actually want it to keep running, turn this toggle off for that one app rather than disabling the whole safety net.
The two permissions malware actually wants
Most permissions are low drama. Two are different, because they hand over far more control than they sound like, and scammers know it.
The first is Accessibility. It exists to help people who need screen readers, voice control or Braille support, and it grants an app the ability to read what is on your screen and tap and swipe on your behalf, across every other app. In the wrong hands that means reading your banking app, approving prompts, and grabbing one-time codes as they arrive. Banking trojans lean on this constantly.
The second is Display over other apps, sometimes shown as "Draw over other apps." It lets an app float a window on top of everything else. Useful for a chat bubble. Dangerous when a fake login screen is laid over your real banking app to harvest your password. Security researchers flagged overlay attacks as one of the most common fraud patterns of the past couple of years.
The rule is simple. A wallpaper app, a flashlight, a game or a QR scanner has no reason to ask for either of these. If something you sideloaded pushes hard for Accessibility, treat that as a stop sign. Review what holds these under Settings > Apps > Special app access, where both Accessibility and Display over other apps each have their own list.
Why Android now blocks some of this by default
Google has been tightening the screws here, which is worth understanding so the warnings make sense. When you sideload an app (install it from outside the Play Store) and it tries to switch on Accessibility, Android blocks the toggle and shows a restricted setting dialog. You have to dismiss that and dig into the app's info page to override it. The friction is deliberate. It exists to make you stop and think.
In 2026, the limits went further. On phones with Advanced Protection Mode turned on, only apps whose main purpose is accessibility can use that API at all. That is strong protection, but it has a real cost: some password managers and automation apps that legitimately used Accessibility for autofill or shortcuts stop working under that mode. If you depend on one of those tools, that is the tradeoff to weigh before flipping Advanced Protection on.
A monthly cleanup that takes five minutes
You do not need to obsess over this. A quick pass once a month keeps things tidy. Here is a routine that covers the important ground without turning into a chore.
- Open the Privacy Dashboard and switch to the 7-day view. Scan Location, Camera and Microphone for any app that does not belong there.
- Open the Permission Manager and walk through Microphone, Camera and Location. For anything you are unsure about, drop it to Ask every time rather than leaving it on.
- Check Settings > Apps > Special app access for Accessibility and Display over other apps. If you do not recognise an app on either list, or cannot explain why it is there, turn it off.
- Glance at your full app list and uninstall anything you have not touched in months. The fastest way to manage an app's permissions is to not have the app.
That is the whole job. The settings have not gone anywhere since last time, so after the first pass it is mostly just confirming nothing odd crept in.
Frequently asked questions
Will an app stop working if I deny a permission?
Usually it loses one feature, not the whole app. Deny a photo app the camera and you can still browse your gallery. Some apps put up a prompt asking you to grant access before a specific function runs. If an app flatly refuses to open without a permission that has nothing to do with what it does, that is a reason to be suspicious, not to give in.
What is the difference between the Privacy Dashboard and the Permission Manager?
The Permission Manager controls what apps are allowed to do, grouped by permission type. The Privacy Dashboard is a log of what they actually did in the last 24 hours, or 7 days if you expand it. Use the Dashboard to spot a problem, then jump to the Permission Manager to fix it.
Why did Android remove permissions from an app on its own?
That is the auto-revoke feature for unused apps. If you have not opened an app for roughly three months, Android pulls its permissions and pauses it to reduce risk. Open the app again and it asks for what it needs. If a specific app keeps losing access and you want it left alone, turn off Pause app activity if unused for that one app in its settings.
What does the green dot at the top of my screen mean?
It means an app is using your camera or microphone right now. Swipe down and tap it to see which app. If you did not open anything that should need the camera or mic, treat the dot as a warning and check that app's permissions.
Which permissions should I be most careful about?
Accessibility and Display over other apps. Both give an app far more reach than the name suggests, and both are heavily abused by malware to read your screen or fake a login window. Grant them only to apps that genuinely need them, like a real screen reader, and never to something you sideloaded that has no clear reason to ask.
Is approximate location good enough for most apps?
For most, yes. Turn off precise location and the app gets an area-level fix, accurate to within a few kilometres, instead of your near-exact position. A weather app, a news app or a store finder works fine on that. Keep precise location for navigation, ride-hailing and fitness tracking where it actually matters.