Apps should never have access to this phone setting according to experts

When you open an app for the first time, several windows appear requesting access to different phone features. Many users validate quickly to be able to use the service without blocking… However, this reflex is not without risk.

Cybersecurity experts point out that an application only needs targeted access to function properly. Granting a blanket permission may expose data that has nothing to do with its intended use. Indeed, a smartphone does not only contain content intended to be shared. There are also photographed administrative documents, identity documents, bank cards, supporting documents, screenshots with sensitive information.

And for good reason, in 2023, researchers have identified malicious applications capable of automatically analyzing content stored on phones in order to identify recovery phrases associated with cryptocurrency wallets. These applications were then removed from Google and Apple stores. The episode therefore showed that too broad access could be exploited on a large scale, without the user being aware of it.

In this context, no app should automatically gain full access to the phone’s camera roll. For what ? Because full access allows the application to browse all the photos and videos saved on the device, including those that have no link to its use, and to analyze metadata, such as the date, location or faces present in the photos.

Specialists therefore recommend regularly checking the permissions granted to applications and limiting them to what is strictly necessary. To do this, simply open the phone’s settings, go to the “Confidentiality” or “Permissions” section, then consult, application by application, the access granted in order to choose the “Selected photos” option or to completely deactivate the authorization if it is not essential. Denying global access may make selecting content a little more time-consuming, but it reduces the risk of error and limits the exposure of personal data.