avast! Mobile: Permissions used by avast! Mobile Security and avast! Anti-Theft
| Why do avast! Free Mobile Security and avast! Anti-Theft need all of those permissions? |
Basically we need those permissions to implement the functionality of our tools. Data and programming interfaces in Android are protected by these permissions. However, the permission system in Android is a bit coarse. One permission applies to a whole group of interfaces, even if we just use a subset of the functionality contained within that group. Also, we can only have ONE “permission declaration” per app for all Android versions and for all Android devices. Thus, on some Android versions or devices we do not need a specific permission, while we need to specify it to satisfy the needs of other Android versions or devices.
In general, please trust us, we’re taking your privacy very seriously. We do NOT use the permissions to transmit private data to our servers or to cause unwanted costs to your phone bill. Also we do NOT give away any data gathered to third parties.
The permissions required by the avast! Free Mobile Security and avast! Anti-Theft are the minimum set that was needed to implement the functionality. If we would remove these permissions we could not implement the functionality as it is.
Your messages
- Edit SMS or MMS, read SMS or MMS
This permission group is used to implement the SMS blocker. We actually need to access your SMS data and also write SMS data in order to delete blocked SMS.
- Receive SMS or MMS
This permission group is used to a) implement the SMS blocker to receive SMS and b) to implement SMS remote control for avast! Anti-Theft and in the future also for avast! Mobile Security.
Your personal information
- Read Browser’s history and bookmarks
This permission group is used to implement the Web Shield in order to get access to the browser.
- Read contact data
This permission group is used to implement the SMS and call blocker. There you can select contacts from your phone book, also we can match incoming / outgoing SMS and calls to the contact list.
- Read sensitive log data
This permission group is not used at the moment but will be used to implement a new feedback feature which is not yet accessible in the current public version.
- Write contact data
This permission group is used for the call blocker to delete a call from the call log when blocked.
Network communication
- Full internet access
This permission group is needed for almost all functionality within avast! Mobile Security. We download virus signatures from our servers, and the Web Shield checks your site visits on our servers – to mention just a few usages. We however do NOT upload private data to our servers and we do NOT give away any data gathered to third parties.
Storage
- Modify/delete USB storage contents
This permission group is needed for the virus scanner. We have to access the USB storage to scan there and need to have write access there to remove unwanted files.
Services that cost you money
- Directly call phone numbers
This permission group is needed to implement the SMS and call blocker. We do not have the possibility to block calls without having that permission, unfortunately. Avast! Mobile Security is NOT using this permission in any other way. Please note that this permission is not dedicated to PREMIUM numbers as a myth says, but is needed for ALL call processing, disregarding if its a premium or a normal number. In general we do NOT use any premium numbers for our services.
Phone calls
- Intercept outgoing calls
This permission group is needed to implement the SMS and call blocker. We do not have the possibility to block calls without having that permission, unfortunately.
- Read phone state and identity
This permission group is needed for the call blocker to watch for call state changes.
System tools
- Modify global system settings
This permission group is needed for Application Management to forward the user to the app uninstallation screen.
- Prevent phone from sleeping
This permission group is needed to implement the virus scanner. The phone goes to sleep after some time when you do not use it. During that time, every processing on the phone is incredibly slow. Now we can “wake up” the phone processor (not the screen) in that condition to make the scan work fast. After finishing the scan we put the phone back to sleep as it was before.
- Retrieve running applications
This permission group is needed to implement Application Management. We query the list of running applications to inform you about memory, CPU or other usage.
Network communication
- Receive data from internet
See permission group “Full internet access”.
- View network status
This permission group is needed for the firewall to register to network status changes (e.g. to detect roaming state).
Hardware controls
- Control vibrator
This permission group is needed to vibrate your phone if we send a notification to the screen.
System tools
- Automatically start at boot
This permission group is needed to launch avast! Mobile Security upon phone start. At this point we register receivers for system events and perform needed startup tasks.
- Kill background processes
This permission group is needed to kill apps that you decide you want to have no longer running from Application Management.
- Measure application storage space
This permission group is needed to get you storage information about apps within Application Management.
Comment about phone wipe:
As you’ll see below, many permissions are needed to wipe your phone. Actually there are two different ways to wipe the phone. Those permissions are needed for Android 2.1 and below phones, as they do not offer device administrator functionality to access the system implementation of the phone wipe. As long as we support that type of phones we need to keep those in our list as is already mentioned above, we can only have ONE permission declaration for ALL platforms – even if permissions are NOT needed anymore on higher Android versions.
Your personal information
- Add or modify calendar events
This permission group is needed to delete the calendar during wiping the phone.
- Read Browser’s history and bookmarks
This permission group is needed to access the browser history and the bookmarks during wiping the phone.
- Read calendar events
This permission group is needed to access the calendar during wiping the phone.
- Read contact data
This permission group is needed to a) access the contact and call log data during wiping the phone and b) to send your contacts and call log details upon a GET CONTACTS or GET LOG command.
- Read sensitive log data
This permission group is needed for implementation of the “Prevent Program Manager” and “Prevent System Settings” protection behavior.
- Read user-defined dictionary
This permission group is needed to access the user defined word dictionary during wiping the phone.
- Write Browser’s history and bookmarks
This permission group is needed to delete the browser history and the bookmarks during wiping the phone.
- Write contact data
This permission group is needed to a) delete the contact data during wiping the phone and b) delete a call to your avast! password from the call log after launching the avast! Anit-Theft user interface.
Services that cost you money
- Directly call phone numbers
This permission is needed to process the CALL SMS command to let the phone call you back on your demand. Avast! Mobile Security is NOT using this permission in any other way. Please note that this permission is not dedicated to PREMIUM numbers, but is needed for ALL call processing, disregarding if its premium or a normal number.
- Send SMS messages
This permission is needed to send replies to your SMS commands or to send notifications upon SIM change and other events to your friend numbers.
Your messages
- Edit SMS or MMS
This permission group is needed to delete the SMS and MMS data during wiping the phone.
- Read SMS or MMS
This permission group is needed to a) access the SMS and MMS data during wiping the phone and b) to send your SMS upon a GET SMS command.
- Receive SMS
This permission group is needed to receive your SMS commands.
Your location
- Coarse/fine grained location
This permission group is needed to locate your phone to satisfy a LOCATE command or to send you up-to-date location data upon SIM change and other events.
Network communication
- Full internet access
This permission group is needed to download updates for Anti-Theft. In the future it will also be needed for internet remote control.
Storage
- Modify / delete USB storage contents
This permission group is needed to wipe your SD card contents during wiping the phone.
Hardware controls
- Record audio
This permission group will be needed for internet remote control to record audio upon command. The internet remote control is not public yet, but the functionality is already implemented in your Anti-Theft version.
- Take pictures and videos
This permission group will be needed for internet remote control to take pictures upon command. The internet remote control is not public yet, but the functionality is already implemented in your Anti-Theft version.
Phone calls
- Intercept outgoing calls
This permission group is needed to see if you dialed your avast! password in order to launch the Anti-Theft user interface when its switched to stealth mode.
- Read phone state and identity
This permission group is needed to get your phone’s details to satisfy a LOCATE command or to send you up-to-date phone details upon SIM change and other events.
System tools
- Change network connectivity
This permission group is needed to satisfy the “Force data connection on” protection behavior. It is not used in non-rooted environments, but is needed for rooted installations.
- Change Wi-Fi status
This permission group is needed to satisfy the “Force data connection on” protection behavior. It is not used in non-rooted environments, but is needed for rooted installations.
- Disable key lock
This permission group is needed to show the lock screen of Anti-Theft even if the phone is key guarded by the system because the system lock screen would hide the Anti-Theft lock screen, which is unwanted behavior.
- Display system-level alerts
This permission group is needed to display the lock screen in front of all other activities on your phone.
- Format external storage
This permission group is needed to format your SD card during wiping the phone. First, all data will be deleted (see above), at the end for safety a full format is performed.
- Modify global system settings
This permission group is needed for rooted environments and is not used for non-rooted installations. Some system settings need to be modified in rooted environments to e.g. satisfy the “Force data connection on” or “Prevent USB debugging” protection behaviors.
- Mount and unmounts file systems
This permission group is needed to get access to the SD card for wiping even if it is mounted to USB. If this is the case we can unmount the USB mounted storage and can then wipe the SD card.
- Prevent phone from sleeping
This permission group is used to keep the phone CPU awake during processing Anti-Theft tasks in the background. The phone goes to sleep after some time when you do not use it. During that time, every processing on the phone is incredibly slow or is even not possible at all. Now we can “wake up” the phone processor (not the screen) in that condition to make the program work. After finishing the task we put the phone back to sleep as it was before.
- Retrieve running applications
This permission group is needed to reset your phones app launcher after switching to stealth mode and hiding the app icon.
Network communication
- Receive data from internet
See permission group “Full internet access”.
- View network status
This permission group is needed for the app to register to network status changes (e.g. to detect if network is on or off to decide which communication mechanisms are to be used).
Hardware controls
- Control vibrator
This permission group is needed to vibrate your phone if we send a notification to the screen.
System tools
- Automatically start at boot
This permission group is needed to launch avast! Anti-Theft upon phone start to do e.g. SIM card checks.
- Kill background processes
This permission group is needed to reset your phones app launcher after switching to stealth mode and hiding the app icon.
Your accounts
- Discover known accounts
This permission group is needed to read the list of data accounts from your phone in order to decide which data is available for deletion upon phone wipe.
avast! Free Mobile Security 2.x
avast! Free Mobile Security 1.x
Operating systems:
Android 4.x
Android 3.x
Android 2.3.x
Android 2.2.x
Android 2.1.x
