Google recently disclosed a flaw that allowed over 400 apps access to the data of nearly half-a-million users who hadn’t given their permission for that information to be accessed. In response to that disclosure, they decided to shut down the Google + social network and are also making some big changes to the way you grant permissions for Google services and apps from the Google Play and Google Chrome stores.
Let’s take a look at the changes. Now, if you were to authorize an app to access your Google Drive and your calendar, the permissions will look like the screenshot below.
You have to allow all of the permissions it requests and OK them with one tap. Soon, Google will implement what are called granular permissions. Users will authorize each permission individually.
The company is also changing its policy to limit which apps can request permission to access your Gmail (Google account) data. According to a blog post, “Only apps directly enhancing email functionality—such as email clients, email backup services and productivity services (e.g., CRM and mail merge services)—will be authorized to access this data. Moreover, these apps will need to agree to new rules on handling Gmail data and will be subject to security assessments.”
The company is also limiting the ability of apps to access data about calls and texts on your Android phone. There are more changes coming. I’ll let you know as soon as Google announces what’s next.