| Android permissions group | Permissions obtained from Group by app and usage per app feature(s) |
|---|
| Notifications | POST_NOTIFICATIONS
Used for permissions that are associated with posting notifications
- Displaying information
- Keeping application alive for continuous protection
|
| Camera | CAMERA
Accessing camera and capturing images/video from the device
- Password Vault reads QR codes with device camera
|
| Device & app history | PRELOAD
Preload websites- Safe browser capabilities
READ_HISTORY_BOOKMARKS
Read your Web bookmarks and history
- Safe Browsing is observing changes in web history database for safeguarding the user from malicious web addresses
WRITE_HISTORY_BOOKMARKS
Write web bookmarks and history- Modifying history (web site titles) to be able detect users navigation (current web page) in web browser application
|
| Location | ACCESS_COARSE_LOCATION
Approximate location (network-based)- Trusted Wi‑Fi capabilities
ACCESS_FINE_LOCATION
Precise location (GPS and network-based)- Trusted Wi‑Fi capabilities
|
| Storage | MANAGE_EXTERNAL_STORAGE
All file access- Required for Antivirus functionality
READ_EXTERNAL_STORAGE
Accessing external storage- This is added automatically during manifest merge if WRITE_EXTERNAL_STORAGE permission is requested
WRITE_EXTERNAL_STORAGE
Erase USB storage, access USB storage filesystem, read the contents of your USB storage, modify or delete the contents of your USB storage- Antivirus, while scanning for malicious apps, is accessing also mass storage devices attached to device
- Antivirus, when detecting a malicious app, can remove the malicious app from a mass storage device per user consent
|
| Biometrics | USE_BIOMETRIC
Use device supported biometric modalities- Required for fingerprint authentication
USE_FINGERPRINT
Use fingerprint authentication- Password Vault supports login with fingerprint
|
| Device ID & call information | READ_PHONE_STATE
Read phone status and identity- App and service subscription including as metadata; Android ID on all devices
|
| Wi‑Fi connection information | ACCESS_WIFI_STATE
View Wi‑Fi connections- Observing the Wi‑Fi networks visited by the device and displays a notification when a previously unvisited Wi‑Fi is visited for the first time
- VPN trusted networks feature
CHANGE_WIFI_STATE
Connect and disconnect from Wi‑Fi
Wi‑Fi capabilities- VPN requires this for detecting P2P Wi‑Fi connections (does not actually change Wi‑Fi state)
|
| Other | ACCESS_DOWNLOAD_MANAGER, ACCESS_ALL_DOWNLOADS, ACCESS_DOWNLOAD_MANAGER_ADVANCED
Access download manager and notifications- Antivirus observes notifications for new app downloads, and access Downloads folder to access the downloaded apps for scanning
- Safe Browser needs to be able to store files to Download folder when user chooses to download a file
ACCESS_NETWORK_STATE
View network connections- Optimizing network carrier (Wi‑Fi, mobile, roaming) for client-backend communication
ACTION_POWER_CONNECTED, ACTION_POWER_DISCONNECTED
Allows app to listen to whether external power has been connected or removed- App will be woken for these events
BIND_ACCESSIBILITY_SERVICE
Accessibility service- Used for Family Rules feature: Allowing a parent to protect child from unsuitable web content, and allowing a parent to apply device and apps usage restrictions for a child
- Used for Chrome Protection feature: To protect user against malicious website
BIND_DEVICE_ADMIN
Android Device Administrator- Preventing children from removing the application without parental guidance, and for Browsing Protection
BIND_GET_INSTALL_REFERRER_SERVICE
Analytics- Required for continuous protection
BLUETOOTH
Connect to paired bluetooth devices- Bluetooth API is used for retrieving the user defined device name, as in Android the name is coupled to the Bluetooth service; Is not actually used for connecting to other devices
BIND_AUTOFILL_SERVICE
Ensures that only system can bind into autofill service- Required for Password Vault capabilities
BIND_JOB_SERVICE
Protects the applications scheduled job services- Required for continuous protection
BIND_REMOTEVIEWS
Binding different remote views, such as lists or grids- Required for Safe Browser capabilities
BIND_VPN_SERVICE
Ensures that only system can bind into vpn service- Required for VPN capabilities
BILLING
Google Play billing service- The app may offer purchasable product upgrades as In-app purchases
CHECK_LICENSE
Google Play license check- Google Play license check used with In-app purchase functionality
DUMP
Allows an application to retrieve state dump information from system servicesDYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
The app does not export dynamic receivers- Required for safer runtime receivers
FOREGROUND_SERVICE
From Android P, this is needed to allow the app to use foreground service- Foreground service is needed to keep the app running and protect the device
FOREGROUND_SERVICE_LOCATION
Allows use for foreground service with location type- Required for Family Rules and for VPN
FOREGROUND_SERVICE_SPECIAL_USE
Allows special use for foreground service- Required for Family Rules
FOREGROUND_SERVICE_SYSTEM_EXEMPTED
Allows use for foreground service regardless of system settings- Required for Family Rules and for VPN
INSTALL_SHORTCUT
Install shortcuts- For installing Total and Safe browser shortcuts in Launcher
INTERNET
Receive data from Internet- Network access is required for retrieving app / service subscription status
- Antivirus functionality
- Safe Browsing
KILL_BACKGROUND_PROCESSES
Close other apps- Parental Control to close blocked applications
NFC
Control Near Field Communication- Safe Browser allows sharing the URL of the current viewed browser page over NFC
QUERY_ALL_PACKAGES
Allows query of any normal app on the device, regardless of manifest declarations
Required for:- Antivirus
- Family Rules (App control)
READ
Access all files- Required for Antivirus functionality
READ_SYNC_SETTINGS
Check status of sync settings- Safe Browser capabilities
RECEIVE
Receive cloud messaging- Required for continuous protection
RECEIVE_BOOT_COMPLETED
Run at start-up- Antivirus engine start-up at device start-up Antivirus performs device boot-time scan, when enabled by user in app settings
- Antivirus feature, to be able to execute scan for external drives when device is booted
- Safe Browsing feature must be running always to be able to monitor changes in web history database
- Parental Control must be running always to be able to block unwanted applications
- For starting VPN
REORDER_TASKS
Allows the application to change order of tasks- Required to automatically bring application to foreground
REQUEST_DELETE_PACKAGES
Allows the application to request deleting packages- To uninstall apps in the device
REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
Allows application to stay alive by ignoring battery optimizations- Required for continuous protection
REVOCATION_NOTIFICATION
Google Play permissions- Required for In-app purchase functionality
SEND
Send cloud messaging- Required for continuous protection
SEND_DOWNLOAD_COMPLETED_INTENTS
Notify app when a download has been completed- Required for Antivirus functionality
- Safe browser functionality
SET_WALLPAPER
Set wallpaper- Safe Browser needs to be able to set wallpaper if user wishes to use an image opened in browser as a wallpaper
SYSTEM_ALERT_WINDOW
Draw overlays on top of other applications- Used for Chrome Protection: Allowing the app to display site's reputation on top of Chrome
UNINSTALL
Internal uninstall- Required for uninstalling Total internally
USE_EXT_API
External API communication- Required for continuous protection
USE_OVER_IPC
Internal app communication- Required for communication across process boundary
VIBRATE
Control vibration- Vibration used as a fall-back method for playing a sound for app notifications when device is set to vibrating mode
WAKE_LOCK
Prevent device from sleeping- Safe browser functionality
WRITE_SETTINGS
Modify system settings- System settings are modified for Parental Control (Accessibility, Device Administrator) per user consent
WRITE_SYNC_SETTINGS
Toggle sync on and off- Safe Browser Sync Adapter for URL autocomplete and suggestions
|
