Understanding Android Permissions

As part of our efforts to be open with our users, we want to explain why RouterCheck requests specific Android permissions. Android requires apps to ask users for their permission to access certain sensitive information and actions so that they can run. This occurs when the app is installed.

Unfortunately, Android does not provide an opportunity for app developers to explain WHY they need access to certain things. This is unfortunate because some app developers ask for unnecessary permissions and take advantage of their users’ trust.

At RouterCheck we value your trust. That’s why we ask only for the permissions that we use to provide value. It’s easy to see how small our list is as compared to an app like Facebook:

RouterCheckSm FBSm

 

RouterCheck Permissions

Here’s the list of Android permissions that RouterCheck requests, along with why we need these permissions and how we use them. We hope that this will give you more information so that you can decide what to share with RouterCheck.

Location

Why: Hackers sometimes launch coordinated attacks against large groups of home routers to try to accomplish a goal. For example, in 2014, hackers compromised many home routers in Poland in an attempt to attack the Polish banking system. Therefore, all their attacks were aimed at home networks in Poland. RouterCheck wants to know its customers’ locations so that it can determine if a coordinated attack is occurring against a certain area.

How: When RouterCheck finds a compromised network, it uses the Location permission to check whether there are similar compromised networks nearby. This helps RouterCheck take action to stop the attack.

Optional: While having a network’s location is valuable in diagnosing attacks, RouterCheck can run properly without the Location permission.

Access to Files

Why: RouterCheck requests access to the file system to save data for its History functionality, so that users can look at checks that were performed previously.

How: To provide the History functionality, RouterCheck creates a space on the device’s file system to store its data. RouterCheck does not read or write anything from outside this private area.

Optional: RouterCheck can run properly without access to a device’s file system. However, the History functionality will not be available.

Wi-Fi Connection

Why: RouterCheck needs access to information about the Wi-Fi connection in use because of the checks that it performs. The Wi-Fi Connection information includes the name of the network and the type of encryption used.

Important: This information does not include passwords or other sensitive information.

Required: RouterCheck cannot run properly without this permission.

Network Access

Why: The RouterCheck app is only one part of the RouterCheck system. The rest of the system, such as the RouterCheck server, runs on the internet. The RouterCheck app uses network access to communicate with this server, which is part of fully testing your home network. This communication happens over fully encrypted channels and it does not contain any identifiable information.

Required: RouterCheck cannot run complete checks on your router security without this permission.

Prevent Device From Sleeping

Why: This permission is actually a misnomer. RouterCheck does not prevent a device from sleeping. However, it may sometimes (although very rarely) wake up a sleeping device to process a notification. See more about notifications below.

Optional: RouterCheck can run properly without this permission. However, RouterCheck may not be able to deliver immediate notifications about threats to your router without this permission. Opting out of receiving notifications has always been built into Android and does not require Android 6 (see below).

 

We respect our users

That’s why we made some conscious design decisions to enhance (or more importantly not destroy) our user’s  experience:

  • RouterCheck does not request any personal information.

RouterCheck does not require any personal information about its users. In particular, it does not need the Android Identity permission in order to run. Users should be aware that apps that are granted Identity permission have access to the identities of all of the user accounts that are active on the device.

Tip: You should safeguard your identifiable information. Do note expose your identity to apps that you do not completely trust.

  • RouterCheck is ad free.

Device screens are small enough, and no one likes ads cluttering their user experience. RouterCheck does not use mobile ads.

Be aware: Some apps use third-party ad networks. Many of these ad networks collect information about the users of those apps.

  • RouterCheck does not and will not send SPAM notifications.

RouterCheck is very selective about sending notifications that clutter up your usage experience. Many app developers constantly send SPAM messages to entice you to continuously use their application. These notifications are very annoying and rarely accomplish their goals.

When RouterCheck sends a notification, it is generally to inform its user base of something important, such as a new threat against home routers that is reported in the media. RouterCheck will send a notification when it can detect a reported threat so that users know to retest their networks.

Good to know: If you are annoyed by SPAM notifications from any application, you can turn off notifications on an app-by-app basis from the Android Settings screen.

Turning off Permissions in Android 6

Android permissions have been criticized as an all-or-nothing proposition. For example, users who want to use the Facebook Android app must give Facebook free reign over their device. However, the Facebook app has permissions that allow it to see everything running on your device, which is kind of creepy. Your choice was either to accept this behavior or not to use the app at all.

Android 6 changed this, because users can choose which permissions to give an app (see here for details). For example, users can allow Facebook to read the contents of an SD card, but not give it access to the microphone. This change is good for privacy because it gives control to the user.

Important: Many apps that were designed before Android 6 will act strangely (or even crash) if their permissions are turned off. Developers of these apps did not test those conditions because before Android 6 they simply didn’t exist. However, RouterCheck is fully compatible with Android 6, so users can safely turn off any permission they want.

Sericon Technology © 2014-2016