Google+ Badge

Thursday, October 4, 2012

Which way to go for mobile permissions?

Which way do you like better for mobile permissions - Android or iOS? Android has you build the permissions into the program via the manifest file. iOS asks for permissions as the program runs. Both have pros and cons.

Developer decides on a list of required permissions, must adhere to them
Compiler enforces permissions
User gets to see all permissions at time of program install / upgrade
Permissions as static and included in app binary, don't have to be stored in associated data area of device

Permission list may change during OS updates
User forced to read list during install, most ignore and just install, later complain you did something crazy
Some permissions are not granular enough
Some permission you would like to have but are not required to run - how to handle that?

Developer codes away, does not really have to think about it
Old cheating programs are now caught when action is requested
New permissions can be prompted with OS upgrade

User is bothered during program run, might scare them
Developers were able to cheat before, can still cheat until OS upgrade catches them
OS trust instead of IDE support, your app could fail due to user saying NO, defensive programmer for run time issues
Need special storage to keep track of each permission granted per application
User has to go under settings, privacy to find what they have granted if they want to make changes

I am undecided on which way I like better. I am happy to see iOS is now addressing this issue. Previously it was the wild west in iOS land. I just saw a prompt while running my code as I allow you to choose images from the gallery to attach to medical cases. What I am doing is innocent but I can see where programs could easily abuse this privilege. I was pleased to see the prompt appear and to have it only prompt once.