A Longitudinal Study of App Permission Usage across the Google Play Store

The Android operating system takes a permission-based approach to mediate the access that apps have to sensitive APIs and user data. Although there are over 1,600,000 third-party Android apps in the Google Play Store, little has been conclusively shown about how their individual (and collective) permission requirements have evolved over time. This is important as the permission system forms the last line of defense between user security/privacy and the apps they use. Recently, Android 6 overhauled the way permissions are granted by users, by switching to run-time permission requests instead of install-time permission requests. Overall this is a welcome change, but new research has shown that many users continue to accept run-time permissions blindly, leaving them at the mercy of third-party app developers and adversaries. Beyond intentional invasions of privacy, highly privileged apps increase the attack surface of smartphones and are attractive targets for attackers looking to perform privilege escalation attacks. For this reason, we aim to quantify any trend in permission usage by apps across the app ecosystem to confirm current (intuitive) hypotheses and identify potential future threats. This work focuses exclusively on dangerous permissions, i.e., those permissions that guard access to sensitive user data. By taking snapshots of the Google Play Store over a 20-month period, we characterise changes in the number and type of dangerous permissions required by Android apps when they are updated, to gain a greater understanding of the evolution of permission usage in the Android app ecosystem. We found that 13.8% of updated apps (approximately 30,000) asked for additional permissions every three months. Worryingly, we made statistically significant observations that free apps and very popular apps were more likely to ask for additional permissions when they were updated.