nullpay.
Back to toolkit
DeviceQuick win10 miniosandroid

App Permissions Audit

Risk

The risk

Why this matters

Over-permissioned apps harvest data far beyond their function. A flashlight app reading your contacts. A weather app tracking your location 24/7. Each unnecessary permission is a data exfiltration channel.

Setup guide

How to set it up

  1. 1

    On iOS: Settings → Privacy & Security → review each permission category

  2. 2

    Deny by default: location, camera, microphone, contacts, phone

  3. 3

    For apps that need location: set to 'While Using' instead of 'Always'

  4. 4

    Delete apps you haven't used in 30 days

  5. 5

    Prefer the web version of services over their native app when possible