With the advancement in technology, we come across a lot of features, we come across a lot of flaws and we also come across lot of threats arising out of it. Smartphones and apps had made our lives so much easier but we also can't deny the fact that apps can also be malicious or sometimes dangerous when it's not coming from any authentic source. And without even looking at it, we grant them all the permissions it needs. Think about it again, we try to keep us safe physically, but what about our online safety? What about our privacy? What about our data security?

We often ignore all of these thinking that these things do no harm to us. It's just an app, it's just a smartphone after all. We probably spend a lot of time using these apps like accessing the news, playing music, watching movies, social networking, gaming, capturing moments and the list go on. Every once in a while though, it's worth to make sure that these apps are not going beyond their limit that is, collecting more data about us and controlling more of our devices than we'd like.

The term "App Permissions"� means the permission that we give to any app on our smartphone or on any other device in order to run it. The little popups on screen as soon as we install and run any app for the first time from the play store or the app store is the permission we are talking about. We must be aware what are the mistakes that we knowingly or unknowingly make while using our smartphones, by installing any third-party software or by giving all the permission to any app blindly, without looking once, continuously tapping 'Allow' option till the time that popup fades. We often think it's a waste of time and it seems irritating sometimes.

For example, Google Chrome requires permission to access device gallery, file manager, camera, location GPS, contacts and much more. Till Android v5.0(Lollipop) we were not given any direct popups for permissions, the app gets the permissions automatically as soon as we install that app. It was until the time of android version 6.0 (Marshmallow) when google realized that permission pop up is required and user must have the freedom to give or not to give that particular permission to that app. And after android 6.0 it's still a feature now also as we are currently running on Android v10.

There was a time when there wasn't any smartphone existed and hence there was no existence of any kind of apps since there was no platform to run it. But since the internet evolved, new technologies came to be invented and implemented and there was innovation. If we look back 14 to 15 years back from the current time, we can see that there were no such smartphones existed, so there wasn't any app either that requires the user's permission to run it.

But, it was this time in the year 2007 when Apple launched it's very first iphone which was basically a touch screen smartphone that has all the features of camera, connectivity, internet, media, and all other stuffs and 'IOS' that is iphone's operating system came into existence. And on the other hand google also thought that why we stay behind them. Hence google also went ahead and launched it's very first operating system to the world names as 'Android OS'.

Before these two operating system we did had other operating systems like Symbian, Java, Blackberry OS. But those OS were not open source and hence cannot be used by any companies for their smartphones. These OS were used by companies like Nokia, Blackberry and HTC.

Now we had operating system and these two, that is, Android and IOS were the two operating systems that is widely used in numerous smartphones since the beginning. Android, being an open source software based on Linux OS, can be used by any manufacturer free of cost. But on the other hand, IOS was not open source hence it was not available for any other smartphones except that Apple's very own iphones and ipads.

Looking at this data, it is evident that the coding and programming of Android source code can be altered by any smartphone manufacturing company, by means of their own custom skin. For example "� One UI used by Samsung in their smartphones and tablets, earlier it was TouchWiz UI. Xiaomi uses MIUI. OnePlus has its own Oxygen OS. Vivo use FunTouch OS. Oppo has Color OS, and much more. There are a lot of custom OS modifications of android. Hence companies can modify them as per their want.

We are not experts in programming as a layman and we can't actually say what are the things that the companies had altered in the original Google's Android Operating System in order to make their own custom user interface. No doubt IOS is much more secure than Android OS simply because its source code is not open and is not available to anyone except Apple itself.

Usually what the human tendency is that these apps don't display or don't exactly explain why that particular permission is required in order to run that app. Hence, the user goes on clicking accept button every time the permission was asked. Just like we do on a computer while installing any software, simply by agreeing to terms and conditions tick box.

By skipping these permissions, by not bothering why this is required, we are, in some way or the other, giving away our precious data or we are simply giving away the control of our device and the data to those app developers. We don't know what the coding of that app is, we don't know what bugs, bots are programmed there in that app that can extract our data from our device without our permission and without our knowledge. This can definitely lead to data breaches and it's just a matter of seconds, the moment we click, is when our data gets stored in their databases.

Most of the apps have the tendency to store their data even when the app is uninstalled. The data may be kept in a hidden folder present on our device and we may not be aware of that. Those files can still access our data which is absolutely a risk. It keeps hidden inside our file manager. For instance, I installed a game on my Smartphone, and while running it asks for a lot of permissions. I went ahead and granted permissions that the app asked for.

So, I clicked on "agree"� button. There were permissions like - "Modify or delete the contents of your storage"�, it is required because the game stores some data, whether cache data, or any save game or any other modification needs to be stored on the file manager. Game also download other DLC updates which is also stored in the file manager itself. "Retrieve running apps"�, means the game uses third party login sources like Facebook, twitter, google play games and others as well for authentication and login purpose.

"Network access"� is needed because some games need an active internet connection to connect to the game server in order to play it. Some of the games like clash of clans, call of duty mobile, Battlegrounds Mobile India requires an internet connection in order to run it.

Hence this permission was also justified. "Read call logs, read your contacts"� is the option that made me think. I denied that permission. This is because it's just a game and that app in my view has nothing to do with my contact list and call log data. These are the minute thigs that are required to be noticed by any user. It's not a waste of 1min, but it ensures our privacy. So, this needs to be taken care of. Malicious apps are likely to exploit the permissions that you give them. Just like virus spread, these apps have the capability to clone or multiply. They can even plant bots that can extract data from our device without us knowing it.

Now when it comes to clicking and granting permissions, one thing struck in my, and that is something called as click wrap and shrink wrap licenses that we often use in some way or the other. Not only on smartphones, but also on laptops and other devices that run some other operating system, may it be windows or mac, all works the same way when it comes to installing a software or an app. These two terms come under 'E-Contracts'. Shrink wrap license means something associated with any physical product. It notifies the user or the customer that the software or an app belongs to so and so developer or it's copyrighted and must not be pirated further.

While on the other hand, as shrink-wrap licenses rose in popularity, Click-wrap licenses came into light. It is essentially a license agreement that a user agrees to digitally, usually by clicking on a I accept button that will be activated right then when we install some new software on our computer. This act of clicking this button serves as an understanding of the agreement that the user had agreed for the terms and conditions provided. An example of a click-wrap license is the example of agreeing to the terms of service on Google Chrome by clicking the I agree to the terms and conditions button.

One such example is one of the biggest data breach of Facebook happened recently in the year 2018. According to reports, this incident led to the data breach of around 20 Million Facebook users round the globe. It was the largest in the company's 14-year history. The attackers misused a feature in Facebook's source code in order to access the personal data of Facebook users and to take control of them. 

I would like to discuss some of the ways in order to ensure that we as a user and our data as privacy is secured.

1. Never trust any app blindly, may it be coming from an authentic source or from any trusted app developer.
2. Do check each and every permission it asks for
3. Check if that permission is actually necessary or not in order to run that app or if the app is asking for it unnecessarily
4. Read terms and conditions of any app carefully before actually installing it and giving it full control over your device.

At last all I can say is that "Data Breaches don't just violate our privacy. They even create huge risks for our economy as well as national security". One always need to be beware where and how their data is being used without their consent.